Senior Cloud Security Engineer (InfoSec)

Job description

**Our Mission**

At Palo Alto Networks® everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before.

We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

**Who We Are**

We take our mission of protecting the digital way of life seriously.

We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success.

Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution.

From showing up for each other with integrity to creating an environment where we all feel included.

As a member of our team, you will be shaping the future of cybersecurity.

We work fast, value ongoing learning, and we respect each employee as a unique individual.

Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported.

This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!

At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions.

This is why our employees generally work full time from our office with flexibility offered where needed.

This setup fosters casual conversations, problem-solving, and trusted relationships.

Our goal is to create an environment where we all win with precision.

**Your Career**

Palo Alto Networks is disrupting the Cyber Security industry! We are looking for a Senior Cloud and firewall Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services.

With your networking, firewall, cloud, and development skills, you’ll design, build automation and integrate along with our secure programs – scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members.

In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation.

If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you.

**Your Impact**

+ Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
+ Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
+ Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
+ In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
+ Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
+ Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
+ Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
+ Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
+ Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
+ Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
+ Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
+ Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
+ Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

**Your Experience**

+ 4-7 years of hands-on experience in the Network and Infrastructure security technologies.
+ 2+ years of experience with firewall technologies, including deep expertise with Palo Alto Networks Next-Generation Firewalls (NGFW) and security rule evaluation.
+ 2+ years of experience managing and securing cloud environments across AWS, GCP, and Microsoft Azure, with knowledge of native security tools and multi-cloud architectures.
+ Proven ability to design, build, and maintain scalable cloud infrastructure and secure cloud-native applications, leveraging infrastructure-as-code (IaC) principles.
+ Experience working with public sector systems, setting up and maintaining security controls to meet government standards like FedRAMP.
+ Strong working knowledge of IP networking, including routing, switching, VPNs, DNS, NAT, load balancing, and wireless for both on-prem and cloud environments.
+ Proficient in virtualization platforms such as VMware, with experience securing virtualized and hybrid workloads.
+ Experience working with REST APIs, automation scripting using Python or Go, and integration of security workflows into infrastructure tools.
+ Ability to evaluate and optimize firewall rules and access control policies across complex environments, aligning with Zero Trust and least privilege models.
+ Solid foundation in certificate management and PKI, including experience issuing and renewing certificates, managing key lifecycles, and enforcing secure communication using TLS and mutual authentication.
+ Strong experience with OS-level security hardening and configuration management across Linux (RHEL, Ubuntu) and Windows Server, including patching, log monitoring, enforcing CIS/NIST baselines, and secure user access controls.
+ Proficient in managing and securing Microsoft Active Directory (AD) environments, including Group Policy, LDAP integrations, role-based access control (RBAC), and identity federation for hybrid cloud architectures.
+ Self-motivated, strong troubleshooting skills, and capable of working independently in fast-paced environments with minimal supervision.
+ Strong communication skills with the ability to collaborate effectively with cross-functional teams, including network operations, cloud infrastructure, IAM, and compliance.
+ CISSP, AWS , GCP certifications preferred.
+ PCNSE certification is a plus.

**The Team**

Think about it, security for an information security company.

Working at a high-tech cybersecurity company within the Information Security team is a once in a lifetime opportunity.

You’ll be joined with the brightest minds in technology, our global teams on the front line of defense against cyberattacks.

We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age.

Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.

**Compensation Disclosure**

The compensation offered for this position will depend on qualifications, experience, and work location.

For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $145,000 - $180,000/YR.

The offered compensation may also include restricted stock units and a bonus.

A description of our employee benefits may be found here (http://benefits.paloaltonetworks.com/) .
#LI-NP1

**Our Commitment**

We’re problem solvers that take risks and challenge cybersecurity’s status quo.

It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability.

If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com .

Palo Alto Networks is an equal opportunity employer.

We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

**Is role eligible for Immigration Sponsorship?

No.** **Please note that we will not sponsor applicants for work visas for this position.**

Required Skill Profession

Other General