Sr Cloud Infrastructure Security Engineer Devops

We are reshaping the cybersecurity market through our cloud-delivered security services, and our cloud infrastructure is quickly and massively growing with a global footprint. We’re looking for great SREs, as well as software engineers interested in production engineering, to help us scale the largest enterprise security cloud infrastructure in the world.

Description:

Palo Alto Networks reinvented the enterprise firewall, growing from a start-up to a multi-billion-dollar company. Our Application Framework, the latest offering in our cloud-delivered security services, ingests security events from hundreds of thousands of firewalls deployed across the globe to provide a massive data analytics platform for deep inspection, anomaly detection, and actionable security automation. Our cloud infrastructure is home to a series of massive and complicated distributed systems and virtualization software platforms which enable big data processing around security services, sandboxing and malware detection, URL categorization and malicious site/domain identification, and security research/response.

Qualifications

• Deep knowledge of Linux and the networking stack, with hands-on experience in large infrastructure security in data centers and public cloud
• Experience with security at the host level including iptables and rule automation, as well as network-level east-west and north-south security best practices.
• Experience in creating automated frameworks for vulnerability management such as automated OS/kernel patching including kernel patching, Java upgrades, Python upgrades, and Docker security at large scale
• Experience and knowledge of working with security tool APIs such as Nexpose, Tenable, etc.
• Experience and knowledge of various security compliance standards such as PCI, FedRAMP, SOC2 controls, as well as auditing and reporting
• Knowledge and understanding of WAS application tools such as Qualys/Burp suite and building tools as necessary to facilitate web application remediation
• Experience in automated provisioning of network devices (ie Arista switches with Ansible or Saltstack or building Python tools to interface with network devices)

Responsibilities

• Working with teams to work through, and contribute to, our security roadmap – from a reference architecture and design to implementation
• Working with system/platform SREs and application SREs to make sure security is properly implemented and monitored
• Write automation code and leverage tools for large-scale vulnerability management, security rule enforcement, auditing, reporting
• Interface with InfoSec team on planning and implementing security-focused projects, participate in incident response
• Incorporate hardening best practices in our core automation and builds in bare metal implementations, Kubernetes-managed compute clusters, and public cloud
• Work with application SREs and application developers to incorporate security in different layers of application and infrastructure

Learn more about Palo Alto Networkshereand check out ourfast facts #LI-MB1