Security Architect

Project Role : Security Architect

Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills : Palo Alto Networks Firewalls

Good to have skills : NA

Minimum 2 year(s) of experience is required

Educational Qualification : 15 years full time education

Summary: We are seeking a highly skilled Senior Network Security Engineer with proven experience in enterprise-grade security technologies including Palo Alto firewalls, IDS/IPS systems, VPN, WAF (Imperva), Cequence Bot Defense, Cloudflare DNS security, and Illumio Zero Trust microsegmentation. The ideal candidate will be responsible for designing, implementing, and maintaining network security controls to protect enterprise infrastructure, applications, and data from advanced cyber threats Roles & Responsibilities: - Firewall & Network Security (Palo Alto, IDS/IPS, VPN) -Configure, deploy, and maintain Palo Alto Networks firewalls, including threat prevention, URL filtering, and App-ID policies. -Manage and monitor intrusion detection and prevention systems (IDS/IPS) for threat detection and response. -Configure and maintain VPN solutions (GlobalProtect or other IPsec/SSL-based systems) for secure remote access.- -Analyze logs and events for unusual activity and support incident investigations. -Automate and optimize firewall rules and network segmentation for least-privilege access. -Bot Protection – Cequence Bot Defense -Deploy and manage Cequence Bot Defense for API security and bot mitigation. -Analyze bot traffic patterns and implement policies to block malicious automation. -Work with DevOps and application teams to integrate Cequence with key digital assets. -DNS & DDoS Security – Cloudflare -Configure and monitor Cloudflare DNS security services including threat blocking, filtering, and DoS mitigation. -Implement policies for DNS-layer protection and content filtering. -Ensure availability and resiliency of DNS infrastructure through Cloudflare edge network - Zero Trust & Microsegmentation – Illumio -Implement and administer Illumio Zero Trust Segmentation for workload isolation and application-level segmentation. -Design and enforce microsegmentation policies to restrict lateral movement and reduce attack surface. -Continuously assess traffic flows to identify over-permissive access and optimize segmentation models. -Web Application Firewall – Imperva WAF -Deploy and manage Imperva WAF to protect critical web applications from OWASP Top 10 and other application-level attacks. -Tune WAF rules to reduce false positives while maintaining effective security posture. -Work with application teams to ensure secure deployment pipelines and integrate security testing Professional & Technical Skills: -Collaborate with SOC, DevOps, Infrastructure, and Application Security teams to improve detection and response. -Maintain security documentation, configuration baselines, and change control records. -Assist in incident response and forensic analysis during security events. -Stay current with emerging threats and recommend appropriate security controls -Hands-on experience with Palo Alto firewalls, IDS/IPS, VPN technologies, and Imperva WAF. -Experience with Cequence Bot Defense, Cloudflare DNS/DDoS protection, and Illumio microsegmentation. -Strong knowledge of TCP/IP, routing, network protocols, and OSI model. -Experience in cybersecurity operations, with a focus on network and perimeter security. -Hands-on experience managing enterprise firewalls, preferably Palo Alto. Experience in Bot protection and DNS security, including tools like Cequence and Cloudflare. -Proven track record in troubleshooting complex firewall and VPN issues in large-scale environments. -Experience conducting firewall audits, rule reviews, and implementing policy enhancements. -Demonstrated ability to manage incident response and change management processes. Experience working in a global delivery model and collaborating with cross-functional teams. Additional Information: - The candidate should have minimum 2 years of experience in Palo Alto Networks Firewalls. - This position is based at our Gurugram office. - A 15 years full time education is required.