Senior Network Security Engineer- Palo Alto Firewall

At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you’re passionate about developing your career, while helping others along the way, come join the Broadridge team.

Role and Responsibilities:

• Design, deploy, implement, and support Palo Alto Networks firewalls across enterprise environments.
• Lead and execute firewall migration projects from Cisco ASA and Cisco Firepower to Palo Alto firewalls, including assessment, rule translation, migration planning, testing, cutover, and post-migration support.
• Analyze existing Cisco ASA / Cisco Firepower firewall configurations, policies, objects, NAT rules, VPN settings, and security controls, and map them to Palo Alto firewall architecture and policy constructs.
• Plan and implement firewall migration strategies with minimal business disruption, including dependency analysis, phased migration, validation testing, and rollback planning.
• Configure, optimize, and troubleshoot Palo Alto security policies, NAT rules, application controls, URL filtering, decryption policies, and threat prevention profiles.
• Implement and manage Palo Alto Advanced Threat Prevention (ATP) and related security subscription services and features to strengthen protection against advanced threats.
• Lead firewall implementation projects, including new deployments, upgrades, policy standardization, and rule-base optimization.
• Review, analyze, and optimize firewall rule sets to ensure alignment with security standards, least privilege principles, and operational best practices.
• Troubleshoot complex network security issues related to traffic flow, policy enforcement, application dependencies, connectivity issues, and threat prevention controls.
• Support secure network architecture initiatives including segmentation, high availability, redundancy, and disaster recovery design considerations.
• Collaborate with network, cloud, infrastructure, and application teams to define and implement effective firewall and IPS controls based on business and technical requirements.
• Provide operational support for mission-critical production environments, including incident response, root cause analysis, and problem management related to firewall technologies.
• Review logs, alerts, and security events to identify threats, anomalies, misconfigurations, and opportunities for improving the firewall security posture.
• Participate in change management activities, including creating, reviewing, and implementing technical procedures, test plans, and rollback strategies.
• Develop and maintain automation scripts using Python, PowerShell scripting, or similar technologies to improve firewall operations, reporting, policy validation, migration activities, and repetitive administrative tasks.
• Support audit and compliance activities by providing required firewall evidence, configuration details, rule review outputs, and policy validation documentation.
• Collaborate with internal teams and vendors to implement new security capabilities, improve operational efficiency, and adopt best practices in firewall engineering and automation.
• Mentor junior engineers and contribute to documentation, process standardization, and knowledge-sharing initiatives across the team.
• Contribute to a global support model, including rotational on-call support and coordination with cross-functional teams as required.
• Additional expertise is desired in the technologies used in the environment to maintain enterprise network security.

Requirements:

• Bachelor’s degree in computer science, Information Security, Information Technology, or a related field.
• 10 to 12 years of overall IT experience, with at least 8+ years of strong hands-on experience in network security engineering.
• Strong hands-on experience in the design, deployment, and administration of Palo Alto Networks firewalls in enterprise environments.
• Proven experience in migrating Cisco ASA and/or Cisco Firepower firewall environments to Palo Alto firewalls.
• Good operational experience with Palo Alto Advanced Threat Prevention (ATP) and related threat prevention and security subscription services.
• Experience in firewall policy creation, rule review, NAT, VPN, segmentation, application control, logging, and troubleshooting.
• Good knowledge of Cisco ASA, Cisco Firepower, and other firewall technologies such as Fortinet, Check Point, Juniper SRX, or similar platforms.
• Strong understanding of Intrusion Prevention Systems (IPS) and associated network security concepts.
• Strong understanding of network security fundamentals, including TCP/IP, routing, switching, NAT, VPN, segmentation, access control, and secure network design.
• Experience troubleshooting complex firewall and network security issues in enterprise production environments.
• Hands-on experience with automation and scripting using Python, PowerShell scripting, or similar technologies.
• Experience integrating firewall controls with logging, monitoring, SIEM, or security operations platforms.
• Experience with change management, implementation procedures, technical documentation, and operational runbooks.
• Strong troubleshooting, analytical, and problem-solving skills.
• Strong verbal and written communication skills, with the ability to work effectively across technical and non-technical teams.
• Ability to work in shifts, support rotational on-call, and handle priority incidents or planned activities outside regular business hours when required.
• Experience supporting audit, compliance, and risk management requirements in enterprise environments.
• Familiarity with cloud network security concepts in AWS and Azure environments is a plus.
• Exposure to security operations, threat prevention, and enterprise network segmentation.
• Experience integrating automation with APIs, ticketing systems, or workflow platforms is an added advantage.

Industry certifications such as:

• PCNSE
• Palo Alto Networks Cybersecurity Associate/Professional certifications
• CCNP Security
• CISSP

We are dedicated to fostering a collaborative, engaging, and inclusive environment and are committed to providing a workplace that empowers associates to be authentic and bring their best to work. We believe that associates do their best when they feel safe, understood, and valued, and we work diligently and collaboratively to ensure Broadridge is a company—and ultimately a community—that recognizes and celebrates everyone’s unique perspective. 

Use of AI in Hiring 

As part of the recruiting process, Broadridge may use technology, including artificial intelligence (AI)-based tools, to help review and evaluate applications. These tools are used only to support our recruiters and hiring managers, and all employment decisions include human review to ensure fairness, accuracy, and compliance with applicable laws. Please note that honesty and transparency are critical to our hiring process. Any attempt to falsify, misrepresent, or disguise information in an application, resume, assessment, or interview will result in disqualification from consideration.