Network Security Consultant (Palo Alto / Fortinet / Check Point)

Network Security Consultant (Palo Alto / Fortinet / Check Point) 

Loc; San Jose, CA  ONSITE

Dur: long term 

The Information Security team is seeking a Network Security Consultant responsible for securing enterprise network infrastructure with a primary focus on Palo Alto Networks firewall platforms. 

The role involves deployment, configuration, monitoring, and troubleshooting of firewalls, centralized management systems, VPNs, and advanced threat prevention technologies to ensure secure and reliable enterprise network operations. 

Key Responsibilities 

• Configure, deploy, and manage Palo Alto firewalls using PanOS, Panorama, and Strata Cloud Manager (SCM); provide additional support for Fortinet and Check Point platforms. 

• Design, implement, and maintain firewall security policies, NAT, routing, and VPN technologies (IPSec and SSL VPN). 

• Manage centralized firewall administration using Palo Alto Panorama including device groups, templates, and policy hierarchy. 

• Design and enforce User-ID based security policies integrating Active Directory, LDAP, and enterprise identity sources. 

• Configure and maintain SSL/TLS decryption (SSL Forward Proxy and Inbound Inspection), including certificate management and privacy exclusions. 

• Perform firewall rule reviews, policy optimization, lifecycle management, and security hardening. 

• Monitor traffic, threat, URL, and decryption logs to investigate incidents and support threat mitigation. 

• Troubleshoot complex network, VPN, decryption, and security policy issues across enterprise environments. 

• Support WAN/LAN security architecture, segmentation, and zero-trust initiatives. 

• Conduct security audits, configuration reviews, and compliance checks for firewall and network security environments. 

• Collaborate with infrastructure, cloud, and security teams to implement network security best practices. 

Required Skills 

• Strong hands-on experience with Palo Alto Networks platforms: PanOS, Panorama, User-ID, App-ID, and Content-ID. 

• Hands-on experience with centralized firewall management using Palo Alto Panorama. 

• Experience with Palo Alto Strata Cloud Manager (SCM) for cloud-based policy management and visibility. 

• Hands-on experience with SSL/TLS decryption, certificate management, and decryption troubleshooting. 

• Working knowledge of Fortinet FortiGate and Check Point firewall platforms. 

• Strong experience with VPN technologies including IPSec, GlobalProtect, and SSL VPN. 

• Solid understanding of TCP/IP, routing, switching, and enterprise network security principles. 

• Experience analyzing firewall logs, packet captures, and decrypted traffic flows. 

• Hands-on use of Wireshark, Syslog, SIEM, and security monitoring tools. 

Qualifications 

• 10+ years of experience in network security, firewall engineering, or security operations. 

• Deep expertise in enterprise firewall architecture, centralized management, and security operations. 

• Experience supporting highly available, production enterprise environments. 

Preferred Certifications 

• Palo Alto Networks Certifications (PCNSE / PCNSA) 

• Fortinet NSE 

• Check Point Certifications (CCSA / CCSE) • CISSP or GIAC (optional)