Network Security Engineer (Palo Alto) || 4 year+ || Mumbai || Only Immediate Joiner

L2 Perimeter Firewall Engineer – Palo Alto

Location: Mumbai / Bangalore / Remote

Experience: 4–7 Years

Role: Network Security / Firewall Operations (L2)

Job Summary

The L2 Perimeter Firewall Engineer is responsible for managing, monitoring, and troubleshooting enterprise firewall infrastructure, particularly Palo Alto Next-Generation Firewalls (NGFW). The role involves handling L2 support incidents, firewall policy changes, VPN troubleshooting, security monitoring, and coordination with L3 teams to maintain a secure network perimeter.

Key Responsibilities

Firewall Administration

• Manage and administer Palo Alto Next-Generation Firewalls (NGFW).
• Configure and maintain security policies, NAT rules, and access control lists.
• Perform firewall rule review, optimization, and policy implementation.
• Implement firmware upgrades, patches, and configuration backups.

Incident & Problem Management

• Provide Level-2 support for firewall and network security incidents.
• Analyze firewall logs and alerts to detect potential security threats.
• Perform root cause analysis (RCA) and coordinate with L3 teams for complex issues.
• Participate in P1/P2 incident bridge calls and resolution activities.

VPN & Connectivity Management

• Configure and troubleshoot Site-to-Site VPN and Remote Access VPN (GlobalProtect).
• Troubleshoot network connectivity issues (HTTP, HTTPS, SSL, routing).
• Ensure secure communication between data centers, cloud, and branch networks.

Security Monitoring

• Monitor firewall, IPS/IDS, and Anti-DDoS systems.
• Investigate suspicious traffic and security anomalies.
• Work with SIEM tools for security event monitoring and correlation.

Change & Configuration Management

• Implement firewall changes based on change management processes.
• Maintain documentation of network diagrams, firewall rules, and security policies.
• Ensure compliance with security standards and company policies.

Required Skills

• Hands-on experience with Palo Alto Firewall (PAN-OS)
• Knowledge of NAT, Security Policies, Zones, App-ID, User-ID
• Experience with VPN (IPSec, SSL VPN / GlobalProtect)
• Understanding of TCP/IP, Routing, VLANs, DNS, HTTP/HTTPS
• Firewall troubleshooting using packet capture and logs
• Experience with IDS/IPS, Anti-DDoS, Web Filtering
• Knowledge of SIEM tools (Splunk / QRadar / ArcSight)

Preferred Certifications

• PCNSA / PCNSE (Palo Alto)
• CCNA / CCNP Security
• CEH or other Cybersecurity certifications

Education

• B.E / B.Tech / BCA / MCA in Computer Science / IT / Networking