Security Architect

At Palo Alto Networks® everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.

We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Disruption is at the core of our technology and on our way of work to meet the needs of our employees now and in the future through FLEXWORK, our approach to how we work. We’re changing the nature of work from benefits to learning, location to leadership, we’ve rethought and recreated every aspect of the employee experience at Palo Alto Networks. And because it FLEXes around each individual employee based on their individual choices, employees are empowered to push boundaries and help us all evolve, together.

As a Security Architect at Palo Alto Networks, you will lead the effort to secure the largest security company in the world.  You will join a team of security architects responsible for setting the direction and coordinating efforts across Palo Alto Networks’ Products, Operations, Attack Surface Management, Network, IaC/PaC, SOC, and Platform Services Engineering on all security topics.

Your Impact 

• Work alongside the engineering teams, providing expert guidance, leadership, and advice on secure architecture, design, and implementation
• Help proactively assess security risk through a deep understanding of current and future states of our products and services, threat modeling, requirements, architecture, design, and implementation reviews
• Develop security architecture standards, frameworks, guidelines, and design patterns spanning all layers of security in the cloud from the host, server, and network to application and data security
• Provide recommendations and implementation guidance for high-security and high-availability applications.
• Identify opportunities for security tooling and automation with the goal of translating security standards into Policy-as-Code (PaC) and Infrastructure-as-Code (IaC) that is secure by default
• Lead with code, automation, and data in everything you do
• Review and enhance security policies and operational procedures that provide continuous security for our products
• Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration, and implementations
• Use tools and experience to review architecture and deployments and identify misconfigurations and vulnerabilities in FedRAMP cloud environments.
• Make recommendations on secure integration strategies, global enterprise architectures, and application infrastructure based on best practices.
• Analyze business impact and risks based on emerging security threats and vulnerabilities, recommend mitigating solutions
• Partner with internal teams to ensure the success of security and compliance programs aligned with client expectations and regulatory requirements

Your Experience 

• 4 to 6 years of experience in security architecture, application security, threat modeling, security assessments, and security reviews.
• Fluent in communicating technical security risks and security architecture impact to business leaders.
• Excellent team player, experience in Agile methodology while achieving common ground with the team in proposing pragmatic solutions. Ability to collaborate across organizational boundaries, cross-functional teams, build relationships, and achieve broader organizational goals.
• Comfortable in navigating ambiguity and the ability to decide on a working solution. Constantly executing on solving problems with incremental improvements.
• The ability to conduct decomposition, analysis, and high-level threat modeling of applications and systems. Capability to prioritize the high-risk threats based on experience and the current threat landscape.
• Thorough understanding of computer networking, routing, cryptography, and protocols
• Working knowledge and experience with the phases of the Secure Software Development Lifecycle (SSDLC).
• Working knowledge and experience with IT security and privacy risk assessments, as well as mapping of security controls.
• Working knowledge and experience with structured secure enterprise architecture practices, large-scale web applications, and cloud environments.
• Knowledge and experience working with virtual machines and containers (Docker, Kubernetes).
• Working knowledge of infrastructure and application security concepts including firewalls, network security, intrusion detection/prevention systems (IDS/NIPS), application security, microservices security, password management, secrets management, access provisioning, IAM, RBAC, ABAC, endpoint security, SIEM, and OWASP.
• Knowledge and experience with common vulnerability scanning and penetration testing tools.
• Knowledge of common computer security issues, including systems, network, and application vulnerabilities.
• Experience in selecting, operating, and rationalizing security tooling for common security processes, including CSPMs, vulnerability scanners, etc.
• Working knowledge and experience in devising and creating security architecture design patterns and security guidelines.
• Working knowledge and experience in threat modeling, security reviews, and Infrastructure-as-Code to identify security flaws and propose actionable mitigations.
• Working knowledge and experience in Mitre ATT&CK, Mitre CAPEC, Mitre CWE, HITRUST Threat Catalog, Security Technical Implementation Guides (STIGs), OWASP.
• Eagerness to research and learn the state of the art in securing applications and systems for continuous improvement.

Education

• Bachelor’s degree from four-year college or university; or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc.

The Team

Think about it, security for an information security company. Working at a high-tech cybersecurity company within the Information Security team is a once in a lifetime opportunity. You’ll be joined with the brightest minds in technology, our global teams on the front line of defense against cyberattacks. We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. To learn more about our culture and dedication to inclusion and innovation, visit our careers page .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

Additionally, we are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or an accommodation due to a disability or special need, please contact us at [email protected].

Learn more about the amazing work experience at Palo Alto Networks here! 

All your information will be kept confidential according to EEO guidelines.

#LI-MR1

Covid-19 Vaccination Information for Palo Alto Networks Jobs

• Vaccine requirements and disclosure obligations vary by country.
• Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if:
  • The job requires accessing a company worksite
  • The job requires in-person customer contact and the customer has implemented such requirements
  • You choose to access a Palo Alto Networks worksite
• If you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter.

Job ID : 3112069