Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Palo Alto Networks Firewalls

Good to have skills :

NA

Minimum

7.5

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities: Network Security Operations & Management -Lead day-to-day management of network security devices including firewalls, VPNs, IPS/IDS, proxies, WAFs, DDoS systems, and segmentation solutions. -Ensure continuous availability, performance, and health of network security infrastructure. -Coordinate with vendors for support, patching, and upgrades. -Review firewall policies, NAT rules, URL filtering, IPS signatures, and ensure optimal configurations. -Develop and implement secure network architecture aligned with best practices. -Drive Zero Trust segmentation, secure hybrid/cloud connectivity, and micro-segmentation initiatives. -Participate in solution design reviews and assess network security impact of new projects. -Ensure alignment of network security controls with overall cybersecurity strategy. Lead, mentor, and guide a team of network security engineers. Allocate resources, manage workloads, and ensure SLA/OLA compliance. Work closely with SOC, IR, threat hunting, and IT/network teams for coordinated defense. Present network security posture, risks, and improvements to leadership. Act as SME during network-related security incidents. Support SOC and IR teams with packet analysis, firewall log analysis, and malicious traffic investigation. Implement immediate containment controls during active threats (e.g., blocking IPs, disabling routes, isolating segments). Conduct root cause analysis and implement corrective actions. Maintain network security standards, hardening guidelines, and baseline configurations. Ensure compliance with ISO 27001, NIST, PCI-DSS, and internal risk/audit requirements. Conduct periodic firewall rule audits, recertifications, and access reviews. Maintain complete and updated documentation: topology diagrams, policies, runbooks, inventory. Identify opportunities to automate network security processes through SOAR/Scripting/API automation. Evaluate emerging technologies such as SASE, ZTNA, SD-WAN, and cloud-native firewalls. Drive initiatives to improve threat visibility and reduce attack surface. Professional & Technical Skills: -Expertise with network security platforms (any combination): -Palo Alto, Cisco ASA/Firepower, , Zscaler, Prisma Access, Akamai, Cloud Azure WAF. -Palo Alto NG FW, Palo Alto IPS/IDS, Panorama -Cloud native Firewalls (Azure NSG, OCI security list) -Prisma Access/ GlobalProtect VPN -Azure WAF -Azure Bastion hosts (AVD) -Firewall policy design & optimization -IPS/IDS, proxy, URL filtering, DNS security -VPN/IPSec/SSL/Remote Access -Network segmentation & micro-segmentation -Cloud network security (AWS/Azure/GCP) -Strong knowledge of network protocols: TCP/IP, BGP, OSPF, DNS, DHCP, VLANs, SD-WAN. -Familiarity with packet capture tools (Wireshark, tcpdump) and traffic analysis. -Scripting knowledge (Python, PowerShell, Bash) is added advantage Preferred certifications:CCNP Security / CCIE Security,PCNSE (Palo Alto),CISSP, Cloud Security certifications (AZ-500, AWS Security, GCP Security) Additional Information: - The candidate should have minimum 7.5 years of experience in Palo Alto Networks Firewalls. - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education