We are reshaping the cybersecurity market through our cloud-delivered
security services, and our cloud infrastructure is quickly and massively
growing with a global footprint. We’re looking for great SREs, as well
as software engineers interested in production engineering, to help us
scale the largest enterprise security cloud infrastructure in the world.
Description:
Palo Alto Networks reinvented the enterprise firewall, growing from a
start-up to a multi-billion-dollar company. Our Application Framework,
the latest offering in our cloud-delivered security services, ingests
security events from hundreds of thousands of firewalls deployed across
the globe to provide a massive data analytics platform for deep
inspection, anomaly detection, and actionable security automation. Our
cloud infrastructure is home to a series of massive and complicated
distributed systems and virtualization software platforms which enable
big data processing around security services, sandboxing and malware
detection, URL categorization and malicious site/domain identification,
and security research/response.
Qualifications
- Deep knowledge of Linux and the networking stack, with hands-on
experience in large infrastructure security in data centers and
public cloud
- Experience with security at the host level including iptables and
rule automation, as well as network-level east-west and north-south
security best practices.
- Experience in creating automated frameworks for vulnerability
management such as automated OS/kernel patching including kernel
patching, Java upgrades, Python upgrades, and Docker security at
large scale
- Experience and knowledge of working with security tool APIs such as
Nexpose, Tenable, etc.
- Experience and knowledge of various security compliance standards
such as PCI, FedRAMP, SOC2 controls, as well as auditing and
reporting
- Knowledge and understanding of WAS application tools such as
Qualys/Burp suite and building tools as necessary to facilitate web
application remediation
- Experience in automated provisioning of network devices (ie Arista
switches with Ansible or Saltstack or building Python tools to
interface with network devices)
Responsibilities
- Working with teams to work through, and contribute to, our security
roadmap – from a reference architecture and design to implementation
- Working with system/platform SREs and application SREs to make sure
security is properly implemented and monitored
- Write automation code and leverage tools for large-scale
vulnerability management, security rule enforcement, auditing,
reporting
- Interface with InfoSec team on planning and implementing
security-focused projects, participate in incident response
- Incorporate hardening best practices in our core automation and
builds in bare metal implementations, Kubernetes-managed compute
clusters, and public cloud
- Work with application SREs and application developers to incorporate
security in different layers of application and infrastructure
Learn more about Palo Alto Networks here and check out our fast facts
#LI-MB1