Principal Security Engineer Global Firewall Strategy & Engineering

IS3 Solutions

Charlotte, NC

JOB DETAILS
SKILLS
Amazon Web Services (AWS), Analysis Skills, Ansible, Application Programming Interface (API), Applications Security, Artificial Intelligence (AI), Automation, Best Practices, Change Management, Cloud Computing, Communication Skills, Computer Science, Computer Security, Continuous Improvement, DNS (Domain Name System), Design Patterns Programming Methodologies, Enterprise Architecture, Enterprise Protection, Firewalls, GCP (Good Clinical Practices), Hybrid Cloud, Identify Issues, Information/Data Security (InfoSec), Internet Security, Leadership, Machine Learning, Mentoring, Microsoft Windows Azure, Network Architecture/Engineering, Network Operations Center, Network Routing, Network Security, Network Switching, Operational Improvement, Operations Processes, Performance Management, Policy Development, Policy Implementation, Process Improvement, Process Management, Python Programming/Scripting Language, Regulatory Compliance, Risk, Risk Analysis, SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Architecture, Security Information and Event Management (SIEM), Security Infrastructure, Security Policy, Strategic Planning, TCP/IP (Transmission Control Protocol/Internet Protocol), Technical Leadership, Technical Strategy
LOCATION
Charlotte, NC
POSTED
Today

We are seeking a highly experienced Principal Security Engineer to lead the strategy, engineering, optimization, and modernization of our global firewall infrastructure. This is a hands-on technical leadership role responsible for driving enterprise-wide firewall policy governance, standardization, and operational excellence across a complex global environment.

The ideal candidate will possess deep expertise in Palo Alto Networks firewalls and Panorama, with a proven ability to design scalable security architectures, optimize policy frameworks, eliminate operational bottlenecks, and improve security effectiveness through automation and innovation. This individual will partner with security architecture, infrastructure, networking, operations, and application teams to modernize the organization's firewall posture while maintaining strong security controls and business agility.

Additionally, experience leveraging AI-driven security operations, automation, and vulnerability management approaches is highly desirable. Key Responsibilities Firewall Strategy & Engineering

  • Serve as the technical lead and subject matter expert for the enterprise firewall environment.
  • Design, implement, and maintain global firewall standards, policies, and governance processes.
  • Lead enterprise-wide firewall policy standardization initiatives across multiple regions, business units, and environments.
  • Establish scalable firewall design patterns that support cloud, data center, and hybrid infrastructures.
  • Drive continuous improvement of firewall architecture, security controls, and operational processes. Policy Management & Optimization
  • Own firewall rule lifecycle management, including design, implementation, validation, and ongoing maintenance.
  • Develop and maintain policy sequencing strategies to improve performance, manageability, and security effectiveness.
  • Perform rule reviews, policy tuning, cleanup, and recertification activities.
  • Identify redundant, orphaned, shadowed, and overly permissive firewall rules.
  • Implement best practices for change management, policy governance, and compliance requirements. Security Analysis & Modernization
  • Analyze firewall environments to identify gaps, risks, inefficiencies, and operational bottlenecks.
  • Conduct assessments and develop strategic roadmaps to modernize firewall operations and architecture.
  • Drive the adoption of advanced security capabilities including application-based policies, threat prevention, DNS security, SSL inspection, and zero-trust principles.
  • Partner with architecture and engineering teams to improve segmentation and security posture across the enterprise. Automation & AI Innovation
  • Evaluate and implement automation opportunities to improve firewall operations, policy deployment, compliance reporting, and vulnerability remediation.
  • Leverage AI, analytics, and machine learning technologies where applicable to streamline security workflows and enhance operational efficiency.
  • Identify opportunities to reduce manual effort through intelligent automation and infrastructure-as-code methodologies.
  • Collaborate with vulnerability management teams to automate risk-based remediation and policy recommendations. Leadership & Collaboration
  • Act as the senior technical advisor for firewall engineering initiatives and strategic security programs.
  • Mentor engineers and provide technical guidance on firewall and network security best practices.
  • Work closely with network engineering, cloud, infrastructure, security operations, and compliance teams.
  • Influence enterprise security standards and contribute to long-term cybersecurity strategy. Required Qualifications
  • Bachelor's degree in Information Security, Computer Science, Engineering, or equivalent experience.
  • 10+ years of experience in network security engineering within large-scale enterprise environments.
  • 5+ years of advanced experience with Palo Alto Networks Firewalls and Panorama.
  • Deep expertise in:
    • Firewall policy design and implementation
    • Security policy optimization and sequencing
    • Network segmentation
    • Threat prevention technologies
    • Enterprise security architecture
    • Multi-site/global firewall deployments
  • Strong understanding of:
    • TCP/IP networking
    • Routing and switching
    • Network security architectures
    • Hybrid and cloud networking models
    • Zero Trust security frameworks
  • Experience leading enterprise security modernization initiatives.
  • Strong analytical, troubleshooting, and communication skills.
  • Ability to translate technical findings into strategic recommendations for leadership. Preferred Qualifications
  • Experience with firewall automation using APIs, Python, Ansible, Terraform, or Infrastructure-as-Code solutions.
  • Experience integrating security controls with cloud platforms including AWS, Azure, or GCP.
  • Knowledge of vulnerability management platforms and risk-based remediation processes.
  • Experience leveraging AI-driven operational efficiencies within cybersecurity programs.
  • Familiarity with security analytics, SIEM, SOAR, and security automation technologies.
  • Palo Alto certifications such as:
    • PCNSA
    • PCNSE
    • Palo Alto Cybersecurity Professional certifications
  • CISSP, CISM, or equivalent security certification preferred.

About the Company

I

IS3 Solutions