[Remote] Remote Network Security Engineer (Palo Alto Networks)

Note: The job is a remote job and is open to candidates in USA. StopAHack.com® is a veteran-founded, Great Place To Work® certified cybersecurity services company specializing in Palo Alto Networks technologies. The Remote Network Security Engineer will be responsible for delivering professional services related to next-generation firewall policies, secure remote access, and network security solutions for end customers.

Responsibilities

• Design and implement next‑generation firewall policy using App‑ID , User‑ID , and Content‑ID (Threat Prevention, Advanced URL Filtering, WildFire, DNS Security)
• Deploy and manage GlobalProtect (portals, gateways, HIP checks, authentication, MFA) for secure remote access
• Engineer SSL/TLS Decryption (Forward Proxy, Inbound Inspection) and plan safe rollouts; leverage Decryption Broker where applicable
• Build and operate at scale with Panorama (device groups, templates, template stacks, objects, overrides, commit workflows)
• Plan and execute upgrades, content updates, HA pair design/failover tests, and change windows with rollback strategies
• Implement or optimize SD‑WAN policies and path selection; baseline and monitor health with AIOps for NGFW
• Integrate logging/telemetry with Cortex Data Lake and SIEMs; produce RCAs and durable fixes for complex issues
• Document HLD/LLD designs, runbooks, and change plans; mentor customer engineers and deliver knowledge transfer

Skills

• 7+ years in enterprise network/security engineering (or equivalent practical experience)
• 3+ years hands-on with PAN-OS/GlobalProtect/Decryption and 2+ years with Panorama at scale
• Experience designing and supporting at least two NGFW families (e.g., 1400/3400/5400, VM-Series, CN-Series) in production
• Strong fundamentals: routing (BGP/OSPF), IPsec/IKEv1-v2, certificates/PKI, authentication (SAML/LDAP/RADIUS), and packet-level troubleshooting
• Clear written and verbal communication; comfort leading changes and collaborating with customer stakeholders
• PCNSE (or equivalent experience)
• Hands-on with SD-WAN, AIOps for NGFW, automation (Terraform/Ansible), public cloud firewalls (AWS/Azure/GCP), or Cortex integrations
• Experience building standardized policy objects, golden configs, and guardrails for multi-tenant environments

Company Overview

• StopAHack® helps security leaders reduce risk, accelerate compliance, and modernize operations. It was founded in 2021, and is headquartered in Marlborough, Massachusetts, US, with a workforce of 11-50 employees. Its website is https://stopahack.com.