Network Security Engineer

A

Achieve

Network Security Engineer

Tempe, AZ
Full Time
Paid
  • Responsibilities

    Job Description

    We are seeking a Network Security Engineer with strong experience with Palo Alto to help mature and optimize our global network security environment with a focus on Zero Trust architecture, alignment to NIST cybersecurity frameworks, and proactive risk reduction. This role is critical to ensuring that our firewall infrastructure and security posture evolve in step with business priorities, regulatory compliance, and industry best practices.

    This hybrid role will be located in Tempe, Arizona.

    The ideal candidate brings deep experience in managing and refining Palo Alto Networks solutions across complex, hybrid enterprise environments. Beyond deployment, this position requires a strategic mindset—someone who can evaluate current controls, identify gaps, drive standardization, and lead continuous improvement efforts.

    Primary Responsibilities and Duties – This role will be focused on these key functions :

    • Serve as the subject matter expert for Palo Alto Networks firewalls, Panorama, and Prisma Access, ensuring ongoing performance, scalability, and consistency

    • Drive maturity of network security architecture, focusing on Zero Trust Network Architecture (ZTNA) and alignment to the NIST Cybersecurity Framework (CSF) and 800-207 guidelines

    • Lead ongoing optimization of firewall policies, rulebase hygiene, and configuration standards across environments

    • Define and enforce enterprise-wide security policy frameworks, including tagging standards, object naming conventions, and access control methodologies

    • Refine and maintain authentication profile integrations (e.g., LDAP, SAML, RADIUS, MFA) to support granular, identity-based security models

    • Collaborate with stakeholders to align firewall controls and network segmentation to business risks and priorities

    • Conduct periodic assessments and gap analyses to measure posture against best practices, compliance requirements, and internal audit standards

    • Participate in cross-functional projects to ensure network security is embedded in infrastructure lifecycle processes (e.g., change management, architecture reviews)

    • Maintain documentation, reference architectures, and runbooks to support knowledge transfer, audit readiness, and operational excellence

    • Provide mentorship and guidance to junior team members and collaborate with broader InfoSec, cloud, and infrastructure teams

    • Support security incident response by providing firewall data, analysis, and rule adjustments as needed

  • Qualifications

    Qualifications

    What you'll bring:

    • 5–8+ years of experience managing enterprise firewall environments, ideally in regulated or highly available environment

    • Expertise with Palo Alto Networks solutions (PA Series firewalls, Panorama, Prisma Access)

    • Deep understanding of Zero Trust principles and ability to apply them in real-world enterprise environments

    • Strong grasp of NIST CSF, 800-207, and other industry-aligned security architecture and control frameworks

    • Experience developing and managing firewall policy baselines, segmentation strategies, and governance documentation

    • Proficiency in managing authentication profiles and integrating identity platforms (e.g., Okta, Azure AD) with network controls

    • Experience in hybrid cloud and IaaS environments (e.g., AWS, Azure) and their impact on network security architecture

    Certifications:

    • PCNSE (Palo Alto Networks Certified Network Security Engineer) – Strongly Preferred

    • CCNP Security, CCNP Enterprise, or CCIE – Preferred

    • Security certifications such as CISSP, Security+, or GIAC – Strongly Preferred

    Preferred:

    • Familiarity with Cisco networking technologies (routing/switching, ISE) is preferred

    • Leading security hardening or firewall optimization initiatives

    • Developing internal standards aligned to Zero Trust maturity models

    • Automation and scripting experience (e.g., Ansible, Python, Terraform) is a plus

    • Exposure to SD-WAN or SASE frameworks

    • Education: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or related field.

    Additional Information

    All your information will be kept confidential according to EEO guidelines.

    Achieve well-being with:

    • 401 (k) with employer match
    • Medical, dental, and vision with HSA and FSA options
    • Competitive vacation and sick time off, as well as dedicated volunteer days
    • Access to wellness support through Employee Assistance Program, physical and mental health wellness programs
    • Pet care discounts for your furry family members
    • Financial support in times of hardship with our Achieve Care Fund
    • A safe place to connect and a commitment to diversity and inclusion through our six employee resource groups

    Join Achieve, change the future.

    **Attention Agencies & Search Firms: **We do not accept unsolicited candidate resumes or profiles. Please do not reach out to anyone within Achieve to market your services or candidates. All inquiries should be directed to Talent Acquisition only. We reserve the right to hire any candidates sent unsolicited and will not pay any fees without a contract signed by Achieve’s Talent Acquisition leader.

    #LI-KM1