Key skills
Network EngineeringFirewall AdministrationPalo Alto Networks FirewallsPAN-OSPanoramaFirewall Policy DesignNATZonesVirtual RoutersHigh-Availability Firewall DeploymentsVPNsThreat PreventionURL FilteringLoggingTCP/IPBGPOSPFVRFsVLANsMPLSDNSDHCPIPsecRoutingSwitchingPacket AnalysisNetwork TroubleshootingSecure Datacenter NetworkingCloud ConnectivityMulti-Site Network DesignNetwork AutomationAnsiblePythonTerraformGitCI/CD WorkflowsPalo Alto APIsPCNSEPCNSACCNP SecurityCCNP EnterpriseJNCIPCISSPAICI/CDLeadershipChange ManagementCommunicationNetwork SecurityZero TrustFirewall
About this role
Core42 is a leader in AI-powered cloud and digital infrastructure, driving transformative technology solutions globally. The company is seeking an experienced Lead Network Engineer to design, implement, secure, and operate network infrastructure supporting large-scale AI and cloud environments, with a focus on Palo Alto Networks firewalls and network security.
Responsibilities:
- Design, implement, and manage Palo Alto Networks firewall policies to control, inspect, and secure traffic across enterprise, datacenter, cloud, and GPUaaS environments
- Administer Palo Alto firewalls using Panorama, including device groups, templates, template stacks, policy objects, address groups, application groups, shared policies, and centralized configuration management
- Build and maintain security policies using App-ID, User-ID, Content-ID, URL filtering, threat prevention, wildfire analysis, DNS security, antivirus, anti-spyware, vulnerability protection, and decryption policies where applicable
- Develop and enforce secure network segmentation strategies for multi-tenant environments, including tenant isolation, management-plane separation, production/non-production separation, and restricted administrative access
- Configure and troubleshoot firewall networking features including zones, virtual routers, NAT, security policies, policy-based forwarding, GlobalProtect, site-to-site VPNs, IPSec tunnels, and high-availability firewall pairs
- Deploy, validate, and support datacenter network infrastructure including front-end fabrics, back-end fabrics, management networks, out-of-band networks, and secure connectivity into AI/HPC environments
- Partner with security teams to align firewall configurations with enterprise security standards, audit requirements, zero trust principles, and compliance objectives
- Perform firewall rule reviews, policy cleanup, risk analysis, object normalization, and lifecycle management to reduce technical debt and improve security posture
- Analyze firewall logs, traffic flows, packet captures, threat logs, system logs, and application usage data to troubleshoot connectivity issues and identify security anomalies
- Support routing and network integration involving BGP, OSPF, static routing, VRFs, VLANs, MPLS, VXLAN/EVPN, NAT, and routed firewall deployments
- Implement monitoring, alerting, and logging for firewall health, traffic patterns, blocked traffic, policy hits, VPN status, HA status, and security events
- Document network architecture, firewall policy standards, traffic flows, segmentation models, escalation procedures, and change management processes
- Participate in incident response activities involving firewall logs, network containment, traffic analysis, emergency policy changes, and post-incident reviews
- Collaborate with engineering, operations, security, and platform teams to ensure network and firewall designs meet performance, resiliency, security, and scalability requirements
- Assist with automation efforts using tools such as Ansible, Python, Terraform, REST APIs, or Palo Alto XML/API integrations to standardize firewall policy deployment and operational workflows
Requirements:
- 10+ years of hands-on network engineering experience in enterprise, datacenter, cloud, service provider, HPC, or large-scale infrastructure environments
- 5+ years of hands-on firewall administration experience, with strong preference for Palo Alto Networks firewalls
- Deep working knowledge of Palo Alto PAN-OS, Panorama, security policy management, NAT, zones, virtual routers, HA, VPNs, threat prevention, URL filtering, and logging
- Strong understanding of firewall policy design, including least-privilege access, application-based rules, zone-based segmentation, policy ordering, cleanup rules, and object management
- Experience supporting high-availability firewall deployments, firewall upgrades, content updates, certificate management, and production change control
- Strong networking fundamentals, including TCP/IP, BGP, OSPF, VRFs, VLANs, MPLS, NAT, DNS, DHCP, IPsec, routing, switching, and packet analysis
- Experience troubleshooting complex network and firewall issues using tools such as Panorama logs, Palo Alto CLI, packet captures, Wireshark, NetFlow, SNMP, syslog, and SIEM platforms
- Experience with secure datacenter networking, cloud connectivity, hybrid environments, and multi-site network designs
- Ability to translate application, security, and business requirements into secure network and firewall policy designs
- Experience creating and maintaining technical documentation, network diagrams, firewall rule documentation, traffic-flow diagrams, and operational runbooks
- Strong communication skills with the ability to work across network, security, infrastructure, application, and leadership teams
- Experience in GPUaaS, HPC, AI infrastructure, large-scale cloud, or high-performance datacenter environments
- Experience with zero trust architecture, microsegmentation, tenant isolation, and compliance-driven network security controls
- Familiarity with network automation using Ansible, Python, Terraform, Git, CI/CD workflows, or Palo Alto APIs
- Experience with load balancers, proxy platforms, IDS/IPS systems, DDoS protection, and enterprise monitoring platforms
- Relevant certifications such as PCNSE, PCNSA, CCNP Security, CCNP Enterprise, JNCIP, CISSP, or equivalent