Rackspace Cyber Defence seeks a Security Engineer specializing in network security, particularly Palo Alto firewalls.  The role involves designing, implementing, managing, and improving cloud-native security across Azure, AWS, and/or GCP customer environments. Responsibilities include customer onboarding, platform administration (ideally DevOps-centric), incident handling, acting as an L3 escalation point, developing runbooks and documentation, driving continuous improvement through automation, collaborating with various teams, and maintaining strong stakeholder relationships.  The ideal candidate will have extensive experience in enterprise environments or managed security services, with a focus on network security and Palo Alto firewalls.

Rackspace Technology

Inventory Control Specialist I

Trainee Data Scientist

Government Services Sales Executive VI

Program Lead - AWS Strategic Collaboration

Software Engineer IV

Manager, Professional Services Delivery

Site Reliability Engineer III

AWS Support Engineer L2

AWS L1 Support Engineer

AWS Go To Market Program Manager III

<div class="section page-centered" data-qa="job-description"><div><b style="font-size: 12pt;">About Rackspace Cyber Defence</b></div><div>Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services. </div><div><b>Our purpose</b> is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads.</div><div><b>Our goal</b> is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a <b>proactive</b>, <b>threat-informed</b>, <b>risk-based</b>, <b>intelligence-driven</b> approach to detecting and responding to threats.</div><div><b>Our mission</b> is to help our customers:</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Proactively detect and respond to cyber-attacks – 24x7x365.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Defend against new and emerging risks that impact their business.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Reduce their exposure to risks that impact their identity and brand.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Develop operational resilience.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Maintain compliance with legal, regulatory and compliance obligations.</div><div>&nbsp;</div><div><b style="font-size: 12pt;">What we’re looking for</b></div><div>To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Network Security to support Rackspace’s strategic customers. </div><div>This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level cloud security platforms or delivering managed security services to customers. </div><div>The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native security across customer Microsoft Azure, AWS and/or Google Cloud Platform (GCP) environment. </div><div>You will also be required to liaise closely with the customer’s key stakeholders, which may include incident response and disaster recovery teams as well as information security. </div><div><br></div><div><b style="font-size: 12pt;">Key Accountabilities</b></div><div>Ensure the Customer’s operational and production environment remains healthy and secure at all the times.</div><div>Assist with customer onboarding – customer onboarding, policy configuration, platform configuration and service transition to security      operations team(s).</div><div>Advance platform administration, ideally through a DevOps-centric approach.</div><div>Critical platform incident handling &amp; closure.</div><div>As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process</div><div>As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership</div><div>Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams.</div><div>Drive continuous improvement of Rackspace managed security services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s)</div><div>Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster      recovery teams as well as information security etc.</div><div>Co-ordinate with vendor for issue resolution.</div><div>Required to work flexible timings.</div><div><b style="font-size: 12pt;">&nbsp;</b></div><div><b style="font-size: 12pt;">Skills &amp; Experience</b></div><div><span style="font-size: 11pt;">Should have 8+ years experience in Security Engineering.</span></div><div><span style="font-size: 11pt;">Experience working in either large, enterprise environments or managed security services environments with a focus on network security.</span></div><div>Experience of working with network security concepts and principles such as firewalls, web application firewalls, IDS/IPS, NDR, micro-segmentation – in both on-premise, cloud-native and hybrid environments</div><div><span style="font-size: 7pt;">&nbsp;</span>Experience with network security tools such as Palo Alto and/or Fortinet.</div><div><span style="font-size: 12pt;">      Troubleshoot IPsec tunnel issues on Palo Alto <a href="http://firewalls.Manage">firewalls.</a></span></div><div><span style="font-size: 12pt;">      Manage firewall operations using <a href="http://Panorama.Upgrade">Panorama.</a></span></div><div><span style="font-size: 12pt;">      Upgrade devices to the latest firmware and configurations.</span></div><div><span style="font-size: 12pt;">Azure Security &amp; Infrastructure:</span></div><div><span style="font-size: 12pt;">      Hands-on experience with Azure VMs hosting Palo Alto firewalls.</span></div><div><span style="font-size: 12pt;">      Solid working knowledge of Azure Storage and overall Azure security practices.</span></div><div>Experience of working in two (or more) of the following additional security domains:</div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span>Microsoft-centric, cloud native security tools such as Microsoft Sentinel, Microsoft Defender for Cloud, Azure Active Directory, Azure Key Vault and Azure WAF and Azure Firewall.</div><div><span style="font-size: 11pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">GCP (Google Cloud Platform) Security Command Centre&nbsp;.</span></div><div><span style="font-size: 11pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail&nbsp;.</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc.</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">Endpoint Security and Endpoint Detection &amp; Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud.</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span>Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF.</div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span>Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec</div><div><span style="font-size: 10pt;">·</span><span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. </div><div><span style="font-size: 10pt;">·</span><span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.</div><div><span style="font-size: 10pt;">·</span><span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell.</div><div><span style="font-size: 10pt;">·</span><span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Knowledge of DevOps practices such as CI/CD, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins.</div><div><span style="font-size: 10pt;">·</span><span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span style="font-size: 11pt;">Computer science, engineering, or information technology related degree (although not a strict requirement)&nbsp;&nbsp;</span></div><div><span style="font-size: 10pt;">·</span><span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span style="font-size: 11pt;">Holds one, or more, of the following certificates (or equivalent): -&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">Certified Information Security Systems Professional (CISSP)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">Microsoft Certified: Azure Security Engineer Associate (AZ500)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">Microsoft Certified: Security Operations Analyst Associate (SC-200)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">CREST Practitioner Intrusion Analyst (CPIA)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">CREST Registered Intrusion Analyst (CRIA)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">CREST Certified Network Intrusion Analyst (CCNIA)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">Systems Security Certified Practitioner (SSCP)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">Certified Cloud Security Professional (CCSP)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">GIAC Certified Incident Handler (GCIH)&nbsp;</span></div><div><span style="font-size: 10pt;">o</span><span style="font-size: 7pt;">&nbsp;&nbsp; </span><span style="font-size: 11pt;">GIAC Security Operations Certified (GSOC)&nbsp;</span></div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>An individual who shows a willingness to go above and beyond in delighting the customer.</div><div>·<span style="font-size: 7pt;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>A good communicator who can explain security concepts to both technical and non-technical audiences.</div></div>undefinedundefinedundefined

Security Engineer - Palo Alto