Prisma VPN Implementation Specialist

Job Title: Prisma VPN Implementation Specialist
Job Summary: We are seeking a highly skilled Prisma VPN Implementation Specialist to design and deploy Prisma VPN solutions from scratch. The ideal candidate will possess extensive technical expertise in Prisma VPN, including configuration, troubleshooting, and optimization, and will ensure seamless integration into existing infrastructure.
Key Responsibilities:

• 8-10 years of network security specially in Prisma Cloud/VPN.
• Proven expertise in architecting, deploying, and optimizing Palo Alto Networks SASE platforms, with deep technical knowledge of Prisma Access, Prisma Access Browser, GlobalProtect, and Next-Generation Firewalls (NGFW)
• Architect Prisma VPN solutions tailored to organizational needs.
• Develop detailed implementation plans, including topology and security configurations.
• Install and configure Prisma VPN across diverse environments (cloud, hybrid, on-premises).
• Set up secure access policies, authentication mechanisms, and encryption protocols.
• Integrate Prisma VPN with existing network infrastructure and security tools.
• Optimize VPN performance and scalability to meet organizational demands.
• Implement monitoring tools to ensure VPN health and performance.
• Diagnose and resolve technical issues promptly, minimizing downtime.
• Create comprehensive documentation for configurations, processes, and troubleshooting.
• Train IT teams on Prisma VPN usage and best practices.
• Advanced working knowledge of Azure Security Center, AWS CloudWatch and CloudTrail
• Cloud security (IaaS, PaaS, and SaaS) across multiple cloud platforms such as Azure, AWS, and Google.
• Years of hands-on experience with remote user access technologies, including IPSec VPN, SSL VPN, Explicit Proxy, tunneling and encryption protocols such as SSL/TLS, IPSec, and GRE, with strong familiarity with PKI and certificate management (public/private).
• Extensive experience with authentication methodologies (2FA, SAML, RADIUS, LDAP, TACACS, Certificates) and directory services including Okta, Active Directory, Azure ADFS, Ping, Entra ID, and OneLogin
• Strong routing expertise, including BGP, static routing, traffic steering, redistribution, and policy-based forwarding (PBF) in enterprise network environments
• In-depth knowledge of NGFW capabilities, configuration, and deployment, including Panorama, App-ID, User-ID, Threat Prevention, URL Filtering, SSL Decryption, CASB, DLP, IP, NAT, routing protocols, IPSec VPNs, and how these elements interact with end-user applications and cloud services
• Exceptional written and verbal communication skills, with the ability to clearly articulate technical concepts to senior leadership, technical peers, and non-technical stakeholders
• Comfortable working both independently and as part of cross-functional teams, with the ability to manage multiple complex projects under pressure with direct customer-facing consulting experience, with a strong track record of delivering high-impact outcomes and executive-level presentations
  

Nice To Have

• Practical experience with SD-WAN, preferably Prisma SD-WAN (formerly CloudGenix) with the ability to implement and troubleshoot complex edge connectivity
• Familiarity with enterprise browser technologies, browser features (shortcuts/bookmarks, dev tools, extensions, history, cookies), and commercial browser management (Chrome, Edge, Brave), as well as competitors like Island Enterprise Browser
• Understanding of endpoint management tools such as Microsoft Intune, Jamf, and VMware Workspace ONE, especially as they relate to SASE client deployment and policy enforcement
• Scripting proficiency in PowerShell, Bash, or Python for task automation, with experience identifying and executing automation opportunities to enhance SASE deployments and operations

Qualifications:

• Bachelor s degree in Computer Science, Information Technology, or related field.
• Certifications in network security or Prisma technologies (e.g., Palo Alto Networks certifications).
• Proven track record of implementing VPN solutions in enterprise environments.
• Professional Network Security/Cloud Architect - preferred
• CISSP (+ ISSAP), CCSP - preferred
• CompTIA Security +, Associate of IC2 preferred
• Cloud Security Posture Management (CSPM)
• Cloud-Native Application Protection Platforms (CNAPP)