Palo Alto Principal Engineer - SRE 

United States, California 

59033082

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Design, implement and provide support for IT infrastructure compute components

• Install, support and maintain software infrastructure according to best practices, including routers, Load balancers, switches, wifi controllers, and firewalls via terraform/ansible automation

• Perform network security design and integration

• Diagnose problems and solve issues, often under time constraints

• Implement the necessary controls and procedures to protect information systems assets from intentional or inadvertent modification, disclosure, or destruction

• Ensure system uptime and backup for all IT infrastructure

• Provide security incident triage and response, including working with firewall and device logs, investigating security events, protecting forensic value of data and establishing monitoring and incident reporting and response procedures

• Work closely with engineering to help report issues and manage project deliverables and provide status and progress reports

• Provide on-call support for Incident Management

Your Experience

• 8+ years’ experience in IAC and infra automation tools

• BSCS or related field, MS preferred

• Expert knowledge on cloud orchestration via GKE / EKS, etc

• Extensive background in planning and designing projects and analyzing existing distributed systems and procedures for efficiency and effectiveness

• Experience with Load Balancers, F5 preferred, Reverse proxy (nginx)

• Knowledge of data center design, build-out, and best practices

• Experienced in designing and implementing Business Continuity Plans and Disaster Recovery Plans and facilities

• Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms

• Expert knowledge of firewalls technologies (PANW preferred), including VPNs and routing

• Experience with multi-tier architectures, including best practices around tier isolation (for databases, etc)

• Extensive knowledge of network security systems, intrusion detection systems and protocols including, ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files etc.

• Basic knowledge of shell scripting and programming languages such a PERL, Ruby, PHP, or Python

• Advanced knowledge of DNS and DHCP and Microsoft AD infrastructure

• Strong analytical skills for interpreting business requirements and translating them into technical specifications

• Strong project management, time management, and organizational skills

• Excellent communication skills, including the ability to write network and security documentation, policies, and guidelines

• Ability to work nights and weekends and provide 24/7 on-call support

• Well-versed in commercial InfoSec requirements, guidance and standards

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $154,000 - $249,500/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.