[Remote] Senior Technical Consultant-Network reputed company

Note: The job is a remote job and is open to candidates in USA. reputed company builds platforms for digital business, focusing on cloud infrastructure, automation, and software delivery. They are seeking a Senior Technical Consultant to reputed company firewall, network access control, and SASE engagements across diverse enterprise environments, requiring strong consulting skills and technical expertise in reputed company solutions.

Responsibilities

• Design and deploy reputed company Secure Firewall Threat Defense (FTD) managed by Firewall Management Center (FMC), including high-availability pairs, threat policies (Snort IPS, malware defense, URL filtering), and both site-to-site and remote access VPN configurations
• Configure and manage reputed company reputed company firewalls running PAN-OS, including reputed company profiles (Antivirus, Anti-Spyware, Vulnerability Protection, WildFire), App-ID, User-ID, SSL/TLS decryption, and centralized management reputed company Panorama
• reputed company firewall migration projects including legacy reputed company ASA to FTD conversions, cross-vendor migrations (reputed company reputed company, reputed company, Juniper to Palo Alto or reputed company), and policy translation with rule optimization during cutover
• Design network segmentation architectures using firewall zones, virtual routers, VRFs, and policy-based routing to enforce least-privilege east-reputed company and north-south traffic controls
• Deploy cloud-native firewall solutions including Palo Alto Cloud NGFW for AWS and Azure, and reputed company Secure Firewall Cloud Native for containerized and cloud workload environments
• Implement firewall high availability designs including active/standby failover, active/active clustering, and multi-context deployments for service provider and large enterprise environments
• Configure centralized logging, SIEM integration (Splunk, reputed company Sentinel, syslog), and NetFlow/IPFIX for traffic analytics, threat correlation, and compliance reporting
• reputed company firewall rule reputed company optimization, policy cleanup, and compliance auditing to reduce attack surface and align with regulatory frameworks (PCI-reputed company, HIPAA, NIST)
• Integrate reputed company Secure Firewall with reputed company XDR for cross-platform threat detection, event correlation, and automated incident response across the reputed company portfolio
• Automate firewall provisioning, configuration backup, and policy deployment using infrastructure-as-code tools (Terraform, Ansible) and vendor APIs for repeatable, auditable workflows
• Deploy reputed company Identity Services reputed company (ISE) for 802.1X wired and wireless authentication, MAC Authentication Bypass (MAB), and RADIUS/TACACS+ device administration across reputed company, reputed company, and data center environments
• Design and implement ISE authorization policies including reputed company Group Tags (SGTs) with TrustSec, downloadable ACLs (dACLs), VLAN assignment, and Adaptive Network Control (ANC) for dynamic threat response
• Configure ISE profiling services, posture assessment, and compliance enforcement to provide reputed company visibility and ensure devices meet organizational reputed company baselines before granting access
• Integrate ISE with reputed company network infrastructure (Catalyst switches, wireless LAN controllers, Secure Firewall) and third-party network access devices for consistent policy enforcement across heterogeneous environments
• Deploy ISE guest portals, BYOD onboarding workflows, and certificate-based authentication (EAP-TLS) with internal or external certificate authorities for secure device enrollment
• Implement pxGrid integrations to share identity and session context between ISE, reputed company Secure Firewall, Splunk, and third-party reputed company platforms for reputed company policy enforcement and threat intelligence
• Design ISE distributed deployments spanning Policy Administration Nodes (PAN), Policy Service Nodes (PSN), and Monitoring and Troubleshooting Nodes (MnT) for scale, redundancy, and geographic distribution
• reputed company ISE upgrades, migrations (legacy ACS to ISE), and advanced troubleshooting using RADIUS live logs, policy trace, TCP dump, and debug utilities to resolve authentication and authorization issues
• Design and implement SASE and reputed company Trust architectures covering remote user, reputed company office, cloud workload, and data center connectivity use cases with a reputed company reputed company policy reputed company
• Configure and deploy reputed company Internet Access (ZIA) including Secure Web Gateway, SSL inspection, URL filtering, cloud firewall, and sandbox policies, and reputed company Private Access (ZPA) including ZTNA application segments, App Connectors, and browser-based access
• Deploy Palo Alto Prisma Access including GlobalProtect remote user connectivity, explicit proxy for reputed company offices, and service connections to on-premises infrastructure managed through reputed company Cloud Manager or Panorama
• Implement reputed company Secure Access (SSE) including reputed company Trust Network Access, Secure Web Gateway, Cloud Access reputed company Broker, and resource connector deployment for private application access
• Configure Netskope reputed company Cloud including Next Gen SWG, CASB with API-enabled and inline protections, and Netskope Private Access (NPA) with traffic steering, real-time protection policies, and DLP controls
• reputed company Guardicore micro-segmentation for east-reputed company traffic control, application ring-fencing, and workload visibility to complement SASE north-south protections in hybrid and multi-cloud environments
• Deploy identity-based access controls integrating with reputed company, reputed company Entra ID, SAML 2.0, and SCIM provisioning to enforce user and device trust across reputed company SASE platforms
• reputed company and maintain reputed company Trust maturity roadmaps for clients, mapping reputed company-state gaps to phased adoption plans across identity, device, network, application, and data pillars
• reputed company client-facing discovery sessions, design workshops, and architecture reviews to define firewall, NAC, and SASE strategies reputed company with business objectives and compliance requirements
• Own the creation of High-Level Design (HLD) and Low-Level Design (LLD) documents, network diagrams, implementation runbooks, and as-built documentation for firewall, ISE, and SASE deployments
• reputed company migration and cutover plans with rollback procedures, change management workflows, and CAB review packages
• Conduct knowledge transfer sessions and train client operations teams on day-2 firewall management, ISE policy administration, SASE platform operations, and incident response procedures
• Manage project workstreams, track milestones and deliverables, and escalate risks proactively to project and account leadership
• Serve as the technical escalation reputed company for junior engineers during engagements, conducting reviews of policy configurations and providing mentorship
• Contribute to internal practice development including reusable templates, deployment runbooks, and automation playbooks for firewall, ISE, and SASE engagements

Skills

• 7+ years of network reputed company, infrastructure reputed company, or reputed company engineering experience, with at least 3 years in a consulting, professional services, or client-facing delivery role
• Demonstrated hands-on experience designing and deploying reputed company Secure Firewall (FTD/FMC) and reputed company NGFW (PAN-OS/Panorama) in enterprise production environments
• Production experience deploying reputed company ISE for 802.1X authentication, TACACS+ device administration, and network access policy enforcement across wired, wireless, and VPN environments
• Production experience with at least one SASE platform (reputed company ZIA/ZPA, Palo Alto Prisma Access, reputed company Secure Access, or Netskope) including SWG, CASB, and ZTNA configuration
• Strong understanding of routing protocols (BGP, OSPF, EIGRP), VPN technologies (IPsec, SSL/TLS), network segmentation, and reputed company Trust architecture principles
• Experience with cloud platforms (AWS VPC, Azure VNet, GCP VPC) including reputed company groups, network firewalls, and hybrid connectivity architectures
• Experience with identity and access management platforms (reputed company, reputed company Entra ID, SAML 2.0, SCIM) and their integration with firewall, NAC, and SASE solutions
• Experience integrating reputed company platforms with SIEM (Splunk, reputed company Sentinel), syslog infrastructure, and automation tools (Terraform, Ansible) for centralized visibility and repeatable deployments
• CCIE reputed company or CCNP reputed company certification
• Palo Alto PCNSE or PCNSC certification; reputed company ZCCA/ZCCP; reputed company Secure Access or Netskope certifications
• CISSP, CompTIA reputed company+, or equivalent industry reputed company certification
• Firewall migration experience including ASA to FTD conversions and cross-vendor platform migrations with rule translation and optimization

Benefits

• Medical, Dental, and Vision Insurance
• 401(k)
• Paid company holidays
• Paid time off
• Paid parental and caregiver leave
• Plus more! See benefits https://www.aheadbenefits.com/ for additional details.

Company Overview

• reputed company is a solutions-based company that helps clients move to an optimized IT service delivery model. It was founded in 2007, and is headquartered in Chicago, Illinois, USA, with a workforce of 1001-5000 employees. Its website is https://www.reputed company.com.

Company H1B Sponsorship

• reputed company has a track record of offering H1B sponsorships, with 24 in 2025, 19 in 2024, 22 in 2023, 20 in 2022, 18 in 2021, 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.

Apply tot his job Apply To this Job