[Remote] Network Engineer IV - Palo Alto Prisma
Note: The job is a remote job and is open to candidates in USA. CBTS serves enterprise and midmarket clients across the United States and Canada, providing a full suite of flexible technology solutions. The Network Engineer IV – Palo Alto Prisma is responsible for the 24×7 operational support and optimization of enterprise Prisma SASE solutions, serving as a Tier-3 escalation engineer for complex customer environments.ResponsibilitiesParticipate in a 24×7 on‑call rotation as a Tier‑3 escalation engineer for Prisma SASETroubleshoot and resolve complex issues across:Prisma SD‑WAN control and data planesPrisma Access (Remote Networks, Mobile Users, Service Connections)GlobalProtect, IPsec, and cloud‑delivered firewallingLead high‑severity incident response, customer communications, and root cause analysis (RCA)Act as a technical escalation point during major outagesLead support efforts of Palo Alto Prisma SASE architectures, including:Prisma SD‑WAN branch and hub designsPrisma Access for ZTNA, SWG, and FWaaSOwn the full service lifecycle:Customer onboardingChange managementPlatform upgrades and migrationsDecommissioningValidate and enforce:Security policiesRouting and segmentation strategiesHigh availability and resiliency standardsSupport advanced routing implementations:BGP (required) including policy control, filtering, and failoverOSPFEnable and support hybrid and cloud connectivity:AWS (VPC, Transit Gateway)Azure (vNET, vWAN, ExpressRoute)Google Cloud Platform (VPC)Ensure optimized traffic steering, SLA adherence, performance, and application visibilitySupport:Zero Trust Network Access (ZTNA)Secure Web Gateway (SWG)Cloud‑delivered firewall policies (FWaaS)Integrate Prisma Access with:Identity providers (SAML, MFA)Remote and mobile user access modelsPartner with security teams to align network enforcement with enterprise security postureContribute to automation and standardization using:APIs, Python, Ansible, or Terraform (preferred)Improve observability through:Prisma dashboardsMonitoring platforms (e.g., LogicMonitor, SNMP, API‑based telemetry)Develop and maintain:SOPs and operational runbooksTroubleshooting and escalation guidesService readiness documentation for new Prisma releasesMentor Tier‑1 and Tier‑2 engineersCollaborate with Architecture, Product, and Service Management teams to evolve the Prisma SASE managed offeringSkills10+ years of hands-on network engineering experiencePalo Alto Networks Certified SD-WAN Engineer requiredPalo Alto Networks Certified Security Service Edge Engineer requiredBachelor's degree in a related field, or equivalent practical experienceHands-on expertise with Prisma SD-WANHands-on expertise with Prisma AccessAdvanced WAN and routing expertise: BGP (required)Advanced WAN and routing expertise: OSPFStrong understanding of cloud-delivered security architecturesStrong understanding of SD-WAN overlays, underlays, and service insertion modelsStrong knowledge of high availability and redundancy designStrong knowledge of QoS and application-aware routingStrong knowledge of NAT and firewall conceptsStrong knowledge of TCP/IP and dynamic routing protocolsStrong experience with configuration and support of routers, switches, firewalls, hubs, and WAN infrastructureExperience with hardware and software firewalls: Palo Alto, Fortinet, Check PointExperience with one or more of the following (Prisma remains the primary focus): Fortinet Secure SD-WAN / FortiSASE, Cisco SD-WAN, Meraki, VMware VeloCloud, Juniper Mist / SSRPrior experience in network design or sales engineering is a plusProficiency with network monitoring and performance analysis toolsProficiency with Visio for detailed network diagramsFamiliarity with wireless technologies and site surveysFamiliarity with security intelligence sources (e.g., CERT, BugTraq)Palo Alto Prisma Certified Cloud Security Engineer (PCCSE) highly recommendedCisco certifications (CCNP or CCIE) highly recommendedContribute to automation and standardization using APIs, Python, Ansible, or Terraform (preferred)Company OverviewCBTS provides end-to-end IT and communications solutions that allow businesses to improve efficiency, enable innovation, and mitigate risk. It was founded in 1994, and is headquartered in Cincinnati, Ohio, USA, with a workforce of 1001-5000 employees. Its website is https://www.cbts.com.Company H1B SponsorshipCBTS has a track record of offering H1B sponsorships, with 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.