Cyber Palo Alto Networks Security Engineer/ Senior Consultant, Strategy, Growth, and Transformation
Job Description
Based in Milwaukee, Deloitte's Cyber Enterprise Security practice focuses on modernizing network defenses with cloud-delivered zero trust architectures and Palo Alto Networks solutions across on-prem and cloud environments. In this Senior Consultant role within Strategy, Growth, and Transformation, you will influence security strategy, guide client engagements, and help drive transformation initiatives that strengthen digital security postures.
Responsibilities
- Design, deploy, and operate Palo Alto Networks Next-Generation Firewalls across both on-premises data centers and cloud platforms, including AWS, Azure, and GCP.
- Deploy and optimize Prisma Access components such as GlobalProtect, Prisma Agent, and Prisma Browser to enable secure internet and remote access use cases.
- Administer Panorama and Strata Cloud Manager to deliver centralized policy governance, consistent device configurations, and visibility across enterprise environments.
- Configure and tune security controls such as Threat Prevention, IPS/IDS, Anti-Spyware, Antivirus, WildFire, DNS Security, and SSL/TLS decryption policies.
- Develop client-focused solution designs and recommendations that integrate Palo Alto deployments with SIEM/SOAR and identity provider tools, while supporting automation via Terraform, Ansible, or Python.
Requirements
- Bachelor's degree in a technical field (e.g., Computer Science, Cyber Security, Information Technology) or equivalent work experience.
- PCNSE certification.
- Five-plus years of progressively responsible network security engineering experience with demonstrated depth in Palo Alto technologies and growing technical ownership and leadership.
- Five-plus years hands-on designing, deploying, and managing Palo Alto NGFWs in on-premises and cloud environments (AWS, Azure, and/or GCP).
- Three-plus years designing, deploying, and managing Prisma Access, including GlobalProtect, Prisma Agent, and Prisma Browser for internet and remote access use cases.
- Three-plus years managing Panorama and Strata Cloud Manager.
- Three-plus years configuring Threat Prevention features including IPS/IDS, Anti-Spyware, Antivirus, WildFire, and DNS Security.
- Three-plus years implementing SSL/TLS decryption policies, including forward proxy and inbound inspection, certificate management, and decryption exclusion handling.
- Three-plus years defining, managing, and reviewing security policies, including rule base optimization and policy lifecycle management.
- Three-plus years working with one or more cloud providers (AWS, GCP, Azure) and their native security toolsets, including VM-Series deployment in cloud-native architectures.
- Ability to travel up to 50% on average.
- Limited immigration sponsorship may be available.
Technologies
- Palo Alto Networks NGFW, Prisma Access, GlobalProtect, Prisma Agent, Prisma Browser
- Panorama, Strata Cloud Manager, Threat Prevention, IPS, IDS
- Anti-Spyware, Antivirus, WildFire, DNS Security, SSL/TLS decryption
- Terraform, Ansible, Python
- AWS, Azure, GCP, VM-Series
- Splunk, Microsoft Sentinel, Palo Alto XSOAR
- Okta, Azure AD, Ping Identity, Palo Alto Cloud Identity Engine (CIE)
- Zscaler, Netskope, SAML/SCIM
The Team
Our Enterprise Security offering embeds security into digital transformation by protecting a client’s technical backbone while enabling secure innovation. The practice encompasses security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products.
Details
- Location: Milwaukee, WI (onsite)
- Compensation: USD 105,400 - 207,800 per year
- Experience: 3+ years of relevant network security engineering experience
- Education: BA/BS degree in a technical field