Network Security Architect jobs in United States
cer-icon
Apply on Employer Site
company-logo

Sira Consulting, an Inc 5000 company · 5 hours ago

Network Security Architect

positionSanta Clara, CA
timeContract
remoteOnsite
senioritySenior Level, Lead/Staff
date10+ years exp

Sira Consulting, an Inc 5000 company, is seeking a Network Security Architect to provide advanced operational support and architecture for Palo Alto firewalls. The role involves troubleshooting, policy management, and strategic initiatives to enhance network security and efficiency.

ContentMobile AppsTrainingWeb Design
check
H1B Sponsor Likelynote
Hiring Manager
Swapnil Sagar
linkedin

Responsibilities

Provide L3-level support for Palo Alto firewalls, including incident response and change management
Perform advanced configuration, rule base management, and policy optimization
Monitor firewall health, performance, and logs; proactively identify and resolve issues
Conduct root cause analysis for recurring or complex firewall/network problems
Manage upgrades, patches, and firmware updates for Palo Alto devices
Collaborate with SOC and IT teams to analyze and respond to security incidents
Mentor and guide L1/L2 support teams
Work with network architects to design secure network segmentation and DMZ architectures
Review and implement change requests, ensuring compliance with security standards and ITIL processes
Maintain detailed documentation for configurations, operational procedures, and troubleshooting guides
Participate in audits and compliance activities related to network security
Device Group Hierarchy Implementation: Design and implement proper device group hierarchy across Palo Alto firewalls; eliminate redundant device groups (e.g., Internet and Internet_Syslog) to improve efficiency and reduce risk; address object limit commit issues and external dynamic list object limit avoidance; deduplicate security policies across device groups
Firewall Hardware Rationalization: Decommission legacy firewalls (e.g., CCASJC34-LAMR-UTM-1, 2, 3, 4) to reduce hardware footprint and cost; replace end-of-life PA-220 firewalls (3 units) to align with PAN-OS 11.1 standards; eliminate 25 IPS firewall devices and migrate IPS functionality to existing on-prem firewalls
Prisma Access Decommissioning: Plan and execute elimination of Prisma Access to reduce cost and complexity; implement India central VM firewall and coordinate with GIS team for network changes; transition internet access for sites currently using Prisma to on-prem solutions
Policy & Configuration Improvements: Analyze and recommend improvements for Internet Access Policies (workstations/servers), including on-prem and remote controls; address URL entry issues and provide analysis for a 'closed-door' approach; fix vWire interface configurations to ensure VLAN inspection consistency
Operational Monitoring & Best Practices: Recommend enhancements for operational monitoring and alerting (implementation not in scope); conduct health checks and best practices assessment; provide remediation recommendations

Qualification

Palo Alto Networks PAN-OSSecurity policiesNATVPN (IPSec/SSL)Troubleshooting complex issuesCentralized management (Panorama)TCP/IPVLANsChange managementITIL processesRelevant certificationsRisk mitigation mindsetAnalytical skillsDocumentation skillsCommunication skillsAttention to detailCollaborative work

Required

10+ years of experience in network security operations, with at least 8 years focused on Palo Alto firewall administration
Strong expertise in Palo Alto Networks PAN-OS, security policies, NAT, VPN (IPSec/SSL), and threat prevention features
Proficient in troubleshooting complex firewall and network issues (routing, connectivity, performance)
Experience with centralized management platforms (Panorama)
Familiarity with integration of firewalls with SIEM, IDS/IPS, and other security tools
Solid understanding of TCP/IP, VLANs, DMZ, and network segmentation
Knowledge of change management and ITIL processes
Relevant certifications (PCNSE, PCNSA, CISSP, CCNP Security) preferred
Excellent communication and documentation skills
Bachelor's degree in computer science, Information Technology, or related field (or equivalent experience)
Proven experience in device group hierarchy design and policy optimization
Hands-on experience with firewall hardware lifecycle management and migration
Familiarity with Prisma Access and VM firewall deployment
Strong knowledge of PAN-OS, security policies, and object management
Understanding of VLAN configurations and virtual wire interfaces
Ability to analyze and recommend improvements for security posture and operational resilience

Preferred

Palo Alto Networks certifications (PCNSE, PCCSE)
Experience with large-scale firewall deployments and global network environments
Strong troubleshooting and analytical skills

Company

Sira Consulting, an Inc 5000 company

twittertwitter
company-logo
SiRA Consulting is a Certified MBE consulting company that was founded in 2012.
dateFounded in 2012
location
Houston, Texas, USA
people-size201-500 employees
web-link
https://siraconsultinginc.com

H1B Sponsorship

Sira Consulting, an Inc 5000 company has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (14)
2024 (50)
2023 (42)
2022 (63)
2021 (86)
2020 (70)

Funding

Current Stage
Growth Stage
Company data provided by crunchbase