[Remote] Network Engineer IV - Palo Alto Prisma
Note: The job is a remote job and is open to candidates in USA. CBTS serves enterprise and midmarket clients in all industries across the United States and Canada. The Network Engineer IV – Palo Alto Prisma is responsible for 24×7 operational support and optimization of enterprise Prisma SASE solutions within a Managed Services environment, serving as a Tier-3 escalation engineer and collaborating closely with various teams to ensure customer satisfaction and service quality.ResponsibilitiesParticipate in a 24×7 on‑call rotation as a Tier‑3 escalation engineer for Prisma SASETroubleshoot and resolve complex issues across:+ Prisma SD‑WAN control and data planes+ Prisma Access (Remote Networks, Mobile Users, Service Connections)+ GlobalProtect, IPsec, and cloud‑delivered firewallingLead high‑severity incident response, customer communications, and root cause analysis (RCA)Act as a technical escalation point during major outagesLead support efforts of Palo Alto Prisma SASE architectures, including:+ Prisma SD‑WAN branch and hub designs+ Prisma Access for ZTNA, SWG, and FWaaSOwn the full service lifecycle:+ Customer onboarding+ Change management+ Platform upgrades and migrations+ DecommissioningValidate and enforce:+ Security policies+ Routing and segmentation strategies+ High availability and resiliency standardsSupport advanced routing implementations:+ BGP (required) including policy control, filtering, and failover+ OSPFEnable and support hybrid and cloud connectivity:+ AWS (VPC, Transit Gateway)+ Azure (vNET, vWAN, ExpressRoute)+ Google Cloud Platform (VPC)Ensure optimized traffic steering, SLA adherence, performance, and application visibilitySupport:+ Zero Trust Network Access (ZTNA)+ Secure Web Gateway (SWG)+ Cloud‑delivered firewall policies (FWaaS)Integrate Prisma Access with:+ Identity providers (SAML, MFA)+ Remote and mobile user access modelsPartner with security teams to align network enforcement with enterprise security postureContribute to automation and standardization using:+ APIs, Python, Ansible, or Terraform (preferred)Improve observability through:+ Prisma dashboards+ Monitoring platforms (e.g., LogicMonitor, SNMP, API‑based telemetry)Develop and maintain:+ SOPs and operational runbooks+ Troubleshooting and escalation guides+ Service readiness documentation for new Prisma releasesMentor Tier‑1 and Tier‑2 engineersCollaborate with Architecture, Product, and Service Management teams to evolve the Prisma SASE managed offeringSkills10+ years of hands-on network engineering experienceHands-on expertise with Prisma SD-WANHands-on expertise with Prisma AccessStrong understanding of cloud-delivered security architecturesStrong understanding of SD-WAN overlays, underlays, and service insertion modelsStrong understanding of traffic steering and policy enforcementAdvanced WAN and routing expertise: BGP (required)Advanced WAN and routing expertise: OSPFStrong knowledge of high availability and redundancy designStrong knowledge of QoS and application-aware routingStrong knowledge of NAT and firewall conceptsStrong knowledge of TCP/IP and dynamic routing protocolsExperience with one or more of the following: Fortinet Secure SD-WAN / FortiSASE, Cisco SD-WAN, Meraki, VMware VeloCloud, Juniper Mist / SSRAbility to translate architectures and concepts across vendorsStrong experience with configuration and support of routers, switches, firewalls, hubs, and WAN infrastructureExperience with hardware and software firewalls: Palo Alto, Fortinet, Check PointProficiency with network monitoring and performance analysis toolsProficiency with Visio for detailed network diagramsFamiliarity with wireless technologies and site surveysFamiliarity with security intelligence sources (e.g., CERT, BugTraq)Palo Alto Networks Certified SD-WAN Engineer requiredPalo Alto Networks Certified Security Service Edge Engineer requiredBachelor's degree in a related field, or equivalent practical experienceAPIs, Python, Ansible, or TerraformPrior experience in network design or sales engineeringPalo Alto Prisma Certified Cloud Security Engineer (PCCSE) highly recommendedCisco certifications (CCNP or CCIE) highly recommendedCompany OverviewCBTS provides end-to-end IT and communications solutions that allow businesses to improve efficiency, enable innovation, and mitigate risk. It was founded in 1994, and is headquartered in Cincinnati, Ohio, USA, with a workforce of 1001-5000 employees. Its website is https://www.cbts.com.Company H1B SponsorshipCBTS has a track record of offering H1B sponsorships, with 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.