palo_alto_networks
Sr Network Engineer First Customer Network IT Infrastructure
palo_alto_networks, Santa Clara, California, us, 95053
PALO ALTO NETWORKS is the fastest-growing security company in history. We offer the chance to be part of an important mission: ending breaches and protecting our way of digital life. If you are a motivated, intelligent, creative, and hardworking individual, then this job is for you!
Our revolutionary, next generation network security products are the vanguard of the enterprise security industry, leading the way in the fight to protect our digital way of life, and before our products ever see the light of day, they are used extensively by employees of Palo Alto Networks. We call this the ‘First Customer Network’.
The Sr. Network Engineer, First Customer Network, owns this critical network, keeping it running and maintained, ultimately rolling it out to our other offices around the world! This talented Network Engineer will be the ‘go to’ subject matter expert for this First Customer Network.
RESPONSIBILITIES:
Install, support and maintain First Customer Network hardware and software infrastructure according to best practices, including routers, load balancers, switches, wifi controllers, and firewalls. Perform network security design and integration. Diagnose problems and solve issues, often under time constraints. Devote 70% of your time on the First Customer Network, with the remaining time supporting the Network Team as they build out and maintain our primary network. Provide network and host-based security, incident response, firewall, and VPN management and administration. Implement the necessary controls and procedures to protect information systems assets from intentional or inadvertent modification, disclosure, or destruction. Provide network documentation. Ensure system uptime and backup for network-related equipment. Conduct security assessments (with security team) and make recommendations on data/voice network (LAN/WLAN/WAN/DMZ/Internet), disaster recovery, remote access, network appliances, servers, and directory services security. Provide security incident triage and response, including working with firewall and device logs, investigating security events, protecting the forensic value of data, and establishing monitoring and incident reporting and response procedures. Work closely with engineering to help report issues and manage project deliverables and provide status and progress reports. Provide on-call support for L3 Network engineering on rotation. QUALIFICATIONS:
7+ years of experience in networking and security roles; BSCS or related field, MS preferred. Working knowledge of using scripting (Python/Bash) to automate network tasks. Experience with using source code control for tracking configurations and changes. Experience with Ansible/Chef/similar config management framework for pushing network changes. Experience building out and maintaining Wireless Networks. Expert knowledge of networking and routing protocols such as TCP/IP, BGP4 (multi-homing), OSPF (multi-area), RIP, ISIS, etc. Expert working knowledge in the operation of Ethernet LAN switching protocols and standards including VLANs, VLAN aggregation, Ether Channel, PVLANs, Spanning Tree & Rapid Spanning Tree, 802.1Q. Extensive background in planning and designing projects and analyzing existing network systems and procedures for efficiency and effectiveness. Experience with software load balancers. Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms. Expert knowledge of firewall technologies (PANW preferred), including VPNs and routing. Experience with multi-tier architectures, including best practices around tier isolation (for databases, etc.). Ability to analyze network packet traces (PCAP). Extensive knowledge of network security systems, intrusion detection systems and protocols including ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files, etc. PREFERRED CERTIFICATIONS
CCIE, CCSP, CCDP. Learn more about Palo Alto Networks here and check out our fast facts. #LI-MT1
#J-18808-Ljbffr
Install, support and maintain First Customer Network hardware and software infrastructure according to best practices, including routers, load balancers, switches, wifi controllers, and firewalls. Perform network security design and integration. Diagnose problems and solve issues, often under time constraints. Devote 70% of your time on the First Customer Network, with the remaining time supporting the Network Team as they build out and maintain our primary network. Provide network and host-based security, incident response, firewall, and VPN management and administration. Implement the necessary controls and procedures to protect information systems assets from intentional or inadvertent modification, disclosure, or destruction. Provide network documentation. Ensure system uptime and backup for network-related equipment. Conduct security assessments (with security team) and make recommendations on data/voice network (LAN/WLAN/WAN/DMZ/Internet), disaster recovery, remote access, network appliances, servers, and directory services security. Provide security incident triage and response, including working with firewall and device logs, investigating security events, protecting the forensic value of data, and establishing monitoring and incident reporting and response procedures. Work closely with engineering to help report issues and manage project deliverables and provide status and progress reports. Provide on-call support for L3 Network engineering on rotation. QUALIFICATIONS:
7+ years of experience in networking and security roles; BSCS or related field, MS preferred. Working knowledge of using scripting (Python/Bash) to automate network tasks. Experience with using source code control for tracking configurations and changes. Experience with Ansible/Chef/similar config management framework for pushing network changes. Experience building out and maintaining Wireless Networks. Expert knowledge of networking and routing protocols such as TCP/IP, BGP4 (multi-homing), OSPF (multi-area), RIP, ISIS, etc. Expert working knowledge in the operation of Ethernet LAN switching protocols and standards including VLANs, VLAN aggregation, Ether Channel, PVLANs, Spanning Tree & Rapid Spanning Tree, 802.1Q. Extensive background in planning and designing projects and analyzing existing network systems and procedures for efficiency and effectiveness. Experience with software load balancers. Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms. Expert knowledge of firewall technologies (PANW preferred), including VPNs and routing. Experience with multi-tier architectures, including best practices around tier isolation (for databases, etc.). Ability to analyze network packet traces (PCAP). Extensive knowledge of network security systems, intrusion detection systems and protocols including ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files, etc. PREFERRED CERTIFICATIONS
CCIE, CCSP, CCDP. Learn more about Palo Alto Networks here and check out our fast facts. #LI-MT1
#J-18808-Ljbffr