Sr Cloud Infrastructure Security Engineer Devops
Santa Clara, CA, United States
We are reshaping the cybersecurity market through our cloud-delivered security services, and our cloud infrastructure is quickly and massively growing with a global footprint. We’re looking for great SREs, as well as software engineers interested in production engineering, to help us scale the largest enterprise security cloud infrastructure in the world.
Description:
Palo Alto Networks reinvented the enterprise firewall, growing from a start-up to a multi-billion-dollar company. Our Application Framework, the latest offering in our cloud-delivered security services, ingests security events from hundreds of thousands of firewalls deployed across the globe to provide a massive data analytics platform for deep inspection, anomaly detection, and actionable security automation. Our cloud infrastructure is home to a series of massive and complicated distributed systems and virtualization software platforms which enable big data processing around security services, sandboxing and malware detection, URL categorization and malicious site/domain identification, and security research/response.
Qualifications
Deep knowledge of Linux and the networking stack, with hands-on experience in large infrastructure security in data centers and public cloud
Experience with security at the host level including iptables and rule automation, as well as network-level east-west and north-south security best practices.
Experience in creating automated frameworks for vulnerability management such as automated OS/kernel patching including kernel patching, Java upgrades, Python upgrades, and Docker security at large scale
Experience and knowledge of working with security tool APIs such as Nexpose, Tenable, etc.
Experience and knowledge of various security compliance standards such as PCI, FedRAMP, SOC2 controls, as well as auditing and reporting
Knowledge and understanding of WAS application tools such as Qualys/Burp suite and building tools as necessary to facilitate web application remediation
Experience in automated provisioning of network devices (ie Arista switches with Ansible or Saltstack or building Python tools to interface with network devices)
Responsibilities
Working with teams to work through, and contribute to, our security roadmap – from a reference architecture and design to implementation
Working with system/platform SREs and application SREs to make sure security is properly implemented and monitored
Write automation code and leverage tools for large-scale vulnerability management, security rule enforcement, auditing, reporting
Interface with InfoSec team on planning and implementing security-focused projects, participate in incident response
Incorporate hardening best practices in our core automation and builds in bare metal implementations, Kubernetes-managed compute clusters, and public cloud
Work with application SREs and application developers to incorporate security in different layers of application and infrastructure
Learn more about Palo Alto Networkshereand check out ourfast facts #LI-MB1
#J-18808-Ljbffr