This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking an experienced Palo Alto Network Security Consultant to lead and support critical network security efforts in our client's transition to public cloud infrastructure. This role is a key contributor to two main initiatives:

• Migrating Zscaler security policies to Palo Alto firewalls with an emphasis on URL category optimization.
• Collaborating with infrastructure and application teams to implement data-center-extension wave rules.

Key Responsibilities

• Zscaler to Palo Alto Policy Migration
  • Lead efforts to migrate existing security policies from Zscaler to Palo Alto firewalls, ensuring a seamless transition before the end of the year.
  • Analyze current URL filtering policies and implement strategies to optimize and conserve URL category usage, specifically to remain within the 500 URL category limit per vsys.
  • Collaborate with network, security, and cloud teams to align policies with organizational security standards and cloud migration goals.
  • Develop and maintain detailed documentation of migration processes, configurations, and adjustments.
• Data Center Extension Wave Rules Implementation
  • Partner with infrastructure teams to identify, develop, and implement necessary wave rules required for data center extension to the cloud.
  • Work closely with application teams to test and validate wave rules, ensuring minimal disruption and performance impact.
  • Maintain ongoing management and tuning of Palo Alto firewall policies based on application requirements and evolving threat landscape.
• General Palo Alto Firewall Policy Management
  • Manage, optimize, and troubleshoot Palo Alto firewall policies across on-premises and cloud environments.
  • Provide technical guidance to security and network teams regarding Palo Alto best practices, performance, and feature utilization.

Qualifications

• Extensive hands-on experience (5+ years) with Palo Alto Networks firewall administration and policy management in enterprise environments.
• Proven experience in migrating security policies from Zscaler to Palo Alto or similar firewall migration projects.
• Strong understanding of Palo Alto URL Filtering capabilities and constraints, especially managing URL categories and vsys limits.
• Experience working with data center security extension concepts including wave rules or similar traffic segmentation controls.
• Solid knowledge of network security architecture, VPNs, routing, and cloud network integration, preferably with AWS or other public clouds.
• Ability to collaborate effectively with application teams and other stakeholders during rule implementation and testing phases.
• Excellent troubleshooting and problem-solving skills in firewall policy conflicts and rule optimization.
• Strong communication skills and ability to produce clear technical documentation.

Preferred Qualifications

• Palo Alto Networks certifications such as PCNSE (Palo Alto Networks Certified Network Security Engineer).
• Experience in financial services or similarly regulated environments.
• Familiarity with Infrastructure as Code (IaC) tools for automating firewall policy deployment.
• Exposure to cloud network security frameworks supporting public cloud migrations.

Company Description

CC Pace is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws.

CC Pace is committed to employing only candidates who are legally authorized to work in the United States. For us to comply with the Immigration Reform and Control Act of 1986, all new employees, as a condition of employment, must complete the Employment Eligibility Verification Form I-9 and provide documentation that establishes identity and authorization to work. E-Verify will be used for employment verification as part of your onboarding process.

CC Pace values integrity throughout our hiring process. As part of our standard verification procedures, candidates will be asked to provide documentation confirming employment history, education, and work authorization.