Network Security Engineer

Position: Network Security Engineer

Location: Santa Clara, CA - Onsite

Duration: Long Term Contract

Number of Positions: 2

Note: Need local to CA

Who You Are

You re a skilled Network Engineer with a security-first mindset, experienced in building and supporting robust firewall architectures and zero-trust networks. You ve deployed and managed Palo Alto firewalls at scale, understand the principles behind ZTNA (Zero Trust Network Access), and bring strong troubleshooting and design skills across both traditional and modern network security paradigms.

You are passionate about infrastructure security, bring deep technical knowledge, and thrive in collaborative, high-performance environments. You re also curious, adaptable, and eager to push boundaries just like us.

What You ll Be Doing

• Designing, deploying, and managing enterprise-scale firewall infrastructureusing Palo Alto Networks (PAN-OS) appliances and services.
• Implementing Zero Trust Network Access (ZTNA)strategy across internal and cloud environments.
• Performing in-depth troubleshooting, log analysis, and policy tuning to ensure secure, reliable connectivity across site global environment.
• Collaborating with network, systems, and security teams to develop scalable and automated security solutions for our on-prem and hybrid environments.
• Managing policy frameworks, NAT rules, decryption strategies, segmentation models, and high-availability configurations.
• Participating in incident response, architecture reviews, and security posture assessments.
• Documenting designs, change procedures, and operational standards for firewall and security infrastructure.

What We Need to See (Must-Have Skills)

• 12 years of hands-on experience in network engineering or security engineering roles with focus on firewall infrastructure.
• Deep understanding of Palo Alto firewall platforms, including Panorama, virtual firewalls, and security services (App-ID, User-ID, Threat Prevention).
• Proven experience designing and implementing Zero Trust Network Access (ZTNA) principles in enterprise environments.
• Strong background in IP networking, routing, and segmentation with a security lens.
• Experience with Linux-based environments and solid grasp of data center networking (Arista preferred).
• Ability to conduct traffic flow analysis, perform advanced troubleshooting, and drive resolution of complex connectivity or policy issues.

Nice to Have (Bonus Points for)

• Familiarity with network automation(e.g., Ansible, Jinja, Python, Go) for firewall or policy management.
• Experience integrating firewalls with SIEM, identity providers (IdP), and endpoint security
• Exposure to SASEarchitectures and cloud-based security services.
• Understanding of microsegmentationstrategies and software-defined perimeter technologies.
• Experience with SONiCor other open networking platforms.