Network Security (Palo Alto) Engineer

Title:  Network Security (Palo Alto) Engineer

Location: Houston, TX (3 days/week onsite)

ComTec is seeking a highly skilled Network Security Engineer with deep expertise in Palo Alto firewalls. The ideal candidate will be responsible for designing, implementing, maintaining, and troubleshooting enterprise firewall solutions in a large-scale network security environment.

Responsibilities:

·         Design and implement Palo Alto firewall policies, NAT rules, VPN configurations, and security zones.

·         Deploy, configure, and manage Palo Alto firewalls including policies, NAT, VPN, IPS, and threat prevention features.

·         Demonstrate expertise in deploying, configuring, and managing Palo Alto firewall and VPN solutions across on-premises, cloud, and remote access environments, ensuring seamless integration and security

·         Define, configure, and optimize firewall policies and rules

·         Perform troubleshooting and root cause analysis for network security incidents and firewall-related issues.

·         Manage security zones, access control policies, and URL filtering.

·         Plan and execute firewall upgrades, patches, and migrations with minimal downtime.

·         Monitor and respond to security events and incidents related to firewalls and network devices.

·         Perform regular firewall rule reviews to optimize security and ensure compliance with security best practices while ensuring business continuity.

·         Ensure security of routing protocols (BGP, OSPF), VLANs, and load balancing across the network.

·         Involve in security audits, vulnerability assessments, and incident response to ensure network security compliance.

·         Monitor network performance and proactively address bottlenecks, latency issues, and security breaches.  

·         Maintain detailed documentation for firewall configurations, security policies, and network diagrams

·         Oncall rotation one week, every 5 weeks. Oncall schedule: Monday 7AM to Monday 7AM.

·         Weekend support as needed for weekend deployments.

Required Skills:  

·         5+ years of experience in Network Security Engineering.

·         3+ years of strong experience in Palo Alto Firewall administration.

·         Experience in log analysis, incident response, and security monitoring.

·         Hands-on with VPNs (SSL/IPSec), NAT, IDS/IPS, Threat Prevention, and URL Filtering.

·         In-depth knowledge of TCP/IP, routing, VLANs, NAT, VPN, IPS, IDS, and general network architecture.

·         Understanding of network protocols (TCP/IP, BGP, OSPF, VLANs, DHCP, DNS, NAT, SNMP, IPsec, GRE, VXLAN).

·         Must have excellent understanding of security architecture and integration

·         Scripting experience using Power Shell or Python is a plus.

·         Experience with change management and ITIL-based processes.

·         Strong troubleshooting and analytical skills.

·         Excellent communication and documentation skills.

·         Able to participate in oncall rotation schedule. One week for every 5 weeks. Monday 7AM to Monday 7AM.

·         Nice to have: Certifications such as PCNSE, PCNSA, CISSP, or CCNP.