Experience- 5 to 8 years.
Location- PAN LTIM.
We are seeking a hands-on Network Security Automation Engineer to design, build, and operate automation across our network security stack. The ideal candidate has strong software engineering fundamentals (Python/REST/CI/CD), knowledge of firewalls and cloud security, and a track record of building robust automation for policy orchestration, compliance, change management, and response workflows (SIEM/SOAR).
Key Responsibilities
- Design and implement automation for firewall policy lifecycle (create/modify/decommission), NAT, objects, address groups, URL categories, SSL decryption, and rule optimization.
- Build scalable workflows integrating REST/JSON APIs of Palo Alto (PAN-OS), Fortinet, Check Point and SASE (e.g., Prisma Access/Netskope/Zscaler).
- Create IaC modules (e.g., Terraform for security policies / objects) and Ansible playbooks / collections for consistent configuration across environments.
- Develop reusable Python libraries / CLI tools; package and version modules; maintain documentation and unit tests.
- Build pipelines for SDWAN (e.g., Prisma SDWAN / Fortinet SDWAN) and ZTNA / SASE policy automation, posture checks, and identity/context-aware rules.
- Implement configuration drift detection, continuous compliance (CIS / NIST / ISO), and audit-ready reporting.
- Develop telemetry pipelines (syslog / API polling / webhooks) and dashboards for policy health, rule hygiene, hit counts, shadowed/duplicate rules, and KPIs.
- Optimize performance: automate rule cleanup, object reuse analysis, and policy rationalization across vendors.
- Identify high-impact AI/ML use cases within the domains of infrastructure security, deployment pipelines (CI/CD), security operations (SecOps), and large-scale system troubleshooting
- Keep abreast of the latest advancements in AI/ML, particularly in the domain of Generative AI, and evaluate their potential application to infrastructure security workflows
Required Qualification / Certifications
- Ansible, Terraform, CI/CD and Python. Bash / PowerShell is a plus.
- Proficiency in REST APIs, JSON / YAML, and webhooks; experience building internal API services/microservices is valued.
- Fundamental understanding of security products like firewalls, SASE, SDWAN
- Policy constructs: security / NAT rules, appID / userID, URL / Threat profiles, SSL decryption, zones / virtual routers, objects / address groups.
- Strong documentation, testing, and stakeholder communication.
- Generative AI: Experience utilizing Large Language Models (LLMs) or building RAG (Retrieval-Augmented Generation) applications for tasks like summarizing incident reports or generating troubleshooting runbooks.
- Proficiency in Python and demonstrable experience with core ML libraries (e.g., scikit-learn, TensorFlow, PyTorch)
Preferred Skills
- Languages: Python, Bash, PowerShell
- Automation: Ansible, Terraform, Git, CI/CD pipelines
- Security Platforms: Palo Alto Networks (PANOS / Prisma Access), Fortinet (FortiGate / Manager / Analyzer / ADC)
