Cyber Security Analyst
Role details
Job location
Tech stack
Job description
The Cyber Security Analyst will participate in the implementation, support, and lifecycle management of Palo Alto Networks Secure Access Service Edge (SASE) solutions within a large-scale enterprise environment. This role focuses on Palo Alto SASE architecture, Prisma Access, Global Protect, Strata Cloud Manager, cloud-delivered security controls, Inspection Zone technologies, security monitoring, threat prevention, and Zero Trust architecture. The ideal candidate will provide advanced engineering support, optimize security platforms, and collaborate with Security Operations, Network Engineering, Incident Response teams, and leadership to improve enterprise security posture. Roles and Responsibilities: Participate in the implementation, support, and lifecycle management of Palo Alto Networks Secure Access Service Edge (SASE) solutions including Prisma Access, Global Protect, and Strata Cloud Manager Maintain integration with Inspection Zone technologies including F5 BIG-IP, SWG/Proxy, and related security platforms Design, deploy, and continuously optimize cloud-delivered security controls including Secure Web Gateway (SWG), CASB, ZTNA, and threat prevention capabilities aligned to Palo Alto SASE architecture Provide advanced engineering support for SASE and Inspection Zone security platforms while partnering with Security Operations, Network Engineering, and Incident Response teams Drive security monitoring, telemetry integration, and policy enforcement across SASE and on-prem inspection environments Perform system hardening, high availability design, and resilience engineering for SASE and Inspection Zone environments Develop failover strategies and service continuity planning to ensure platform reliability Apply Palo Alto threat intelligence and security best practices to proactively reduce enterprise risk exposure Improve detection and response capabilities by leveraging SASE telemetry for incident analysis, threat hunting, and mitigation Develop and report operational and security metrics including policy effectiveness, threat prevention performance, and user activity visibility Collaborate with cross-functional teams and leadership to align SASE strategy with enterprise security architecture and modernization initiatives Support migration from legacy proxy and multi-vendor environments to SASE platforms
Requirements
Hands-on experience with Palo Alto Networks SASE (Prisma Access) including Mobile Users, Remote Networks, and Service Connections Strong understanding of Security Service Edge (SSE) capabilities including SWG, CASB, ZTNA, DNS Security, and SaaS Security Proven experience designing and implementing Zero Trust architectures in large enterprise environments Expertise in policy design, traffic steering, and segmentation within cloud-delivered security platforms Strong knowledge of network protocols including BGP, IPSec, routing, and NAT Experience integrating SASE with on-prem Inspection Zone and hybrid cloud architectures Proficiency with Global Protect and remote access/VPN solutions Hands-on experience with Palo Alto threat prevention technologies including IPS, WildFire, Advanced Threat Prevention, and URL Filtering Experience with automation and scalability using APIs, scripting, Python, Terraform, or infrastructure-as-code tools Strong background in high availability design, system hardening, and performance optimization Experience supporting migration from legacy proxy/multi-vendor environments to SASE platforms Strong understanding of cybersecurity frameworks and best practices including NIST, CIS, and Zero Trust Ability to collaborate cross-functionally, communicate risks effectively, and provide leadership-ready updates 6+ years of Cybersecurity and/or IT-related experience OR 4+ years of Cybersecurity experience with a Bachelor's degree Bachelor of Science or Bachelor of Arts degree preferably in Cybersecurity, Information Security, Computer Science, Management Information Systems, or related field Palo Alto Firewall experience is required Multiple industry-standard certifications such as SANS GIAC/GCIA/GCIH/GCFA, CISSP, CISA, CISM, or other network/system security certifications Experience working with enterprise-scale SASE implementations Experience with F5 BIG-IP, SWG/Proxy, and Inspection Zone technologies Experience supporting security modernization initiatives and cloud security transformation projects