Palo Alto Principal Enterprise Security Engineer 

United States, California 

605343233

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Design, build, and implement robust security capabilities and services to safeguard Palo Alto Networks' identity, application, and endpoint infrastructure.
• Identify, assess, and remediate security architecture gaps across the organization's identity, application, and endpoint domains.
• Analyze technical risks of existing endpoint, identity, and application architectures (SaaS/PaaS/IaaS and on-premise) against security controls, policies, and risks, then develop appropriate remediation or risk reduction plans.
• Adopt an automation-first approach to create scalable solutions for continuous security control assessment.
• Generate and monitor effective, actionable Information Security reports across the InfoSec technical landscape, providing pertinent input for briefing presentations.
• Evaluate ongoing practices, procedures, technical documentation, and diagrams to ensure appropriate security measure maturity and effectiveness.
• Lead hands-on Proof of Concepts (POCs) with rigorous benchmarks for security technology innovations and adoptions.

Your Experience

• 10+ years of combined experience as an enterprise security engineer, software engineer, or cloud security engineer
• Extensive experience in information security, security engineering or architecture roles
• Deep understanding of Identity & Access Management, application, endpoint, and Infrastructure security in Enterprise environments.
• Working knowledge of identity & access management platforms, for workforce, non-human identities, privileged access
• Understanding of AI security (dynamic access control with Just In Time access with least privileges for Agentic AI integrations)
• In depth knowledge of threat model, cryptography, authentication and authorization
• Expert level experience performing threat modeling and design reviews to assess security implications and requirements
• Experience with programming / scripting in any language (Python / Golang / Powershell etc.)
• Experience in security engineering related to vulnerability management, intrusion prevention, data protection, monitoring, analytical and correlation tools a PLUS
• Certification in any of the following is a plus: CISSP; CCSP; OSCP; OSCE; Google Cloud Architect; AWS Cloud Architect; GIAC Certified Enterprise Defender (GCED)

Education

• Bachelor's degree from four-year college or university; or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc.

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $167K - $230K/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.