PALO ALTO SPECIALIST (PRISMA) / (SECURITY ENGINEER)

Join to apply for the PALO ALTO SPECIALIST (PRISMA) / (SECURITY ENGINEER) role at Zermount, Inc.

Zermount Inc. is seeking a highly talented, technical hands-on Security Engineer with a focus on Palo Alto PRISMA, DLP, and CASB solutions. This individual will assist with the design, implementation, configuration, optimization, administration, and maintenance of the client's security infrastructure, emphasizing next-generation firewalls (NGFW), cloud security posture management (CSPM), workload protection, network security, and DevSecOps integration.

1. Provide expert architecture, engineering, content development, O&M, and enhancement services for Prisma, DLP & CASB.
2. Evaluate requirements and provide recommendations to maximize capabilities.
3. Develop requirements for each tool and the overall suite/platform to maximize utilization and coverage.
4. Lead the implementation, upgrade, and installation of Palo Alto and Prisma Cloud solutions across hybrid environments.
5. Review and enhance current Prisma implementations and modules.
6. Enhance CSPM capabilities and integrate CWPP features.
7. Integrate Prisma Cloud with AWS, Azure, and code repositories.
8. Assess cloud instances, identify gaps, and develop dashboards and reports for security and risk posture.
9. Conduct system upgrades with minimal operational impact and rollback strategies.
10. Coordinate with infrastructure, cloud, and network teams for proper configuration.
11. Design security architectures utilizing Palo Alto NGFWs, Panorama, and Prisma Cloud (CSPM, CWPP, CIEM).
12. Configure security profiles (URL filtering, Anti-Spyware, IPS, WildFire) and enforce Zero Trust principles.
13. Monitor and optimize security controls across multi-cloud environments.
14. Integrate Prisma Cloud into CI/CD pipelines for shift-left security practices.
15. Assist project management with scheduling and documentation.
16. Troubleshoot and resolve implementation issues.
17. Identify opportunities to optimize platform performance and security coverage.
18. Ensure compliance with NIST, FedRAMP, and CISA guidelines.
19. Create documentation, diagrams, and SOPs for architecture and deployment.
20. Provide technical support to the team as needed.

• High attention to detail, effective communication, team player, capable of independent execution.
• Strategic planning and operational/technical expertise.
• Adaptability to changing requirements.
• At least 5 years (preferably 10) of hands-on experience in network, systems, applications, and cloud security.
• Knowledge of serverless security, microservices, CI/CD, and application development preferred.
• Experience with security design in AWS and Azure, multi-cloud/hybrid environments, IaaS/PaaS/SaaS models.
• Experience with DevSecOps, RMF, CSF, FISMA, FedRAMP.
• Familiarity with Zero Trust, SASE, IAM, CWPP, CSPM, CIEM, vulnerability management, compliance frameworks.

• Bachelor’s degree in Computer Science, Engineering, IT, Cybersecurity, or equivalent experience.

• Preferred: Prisma Certified Cloud Security Engineer (PCCSE), Palo Alto Cybersecurity Practitioner.
• Required: CISSP, CISA, CASP, GCED, GCIH, CISM, CEH, GICSP, SSCP, or equivalent.

• Minimum Background Investigation (MBI).

• Remote, with initial onboarding in Arlington, VA.
• Some travel to Washington, D.C. Metro Area may be required.

• Working hours: 8:00 am ET - 4:30 pm ET.