Job Overview We are seeking a skilled and motivatedPalo Alto Administrator, SIEM Analyst, DDoS Protection Specialist, Network Engineer, and L3 Firewall Expertto join our dynamic cybersecurity and networking team. The ideal candidate will have expertise in managingPalo Alto Networks firewalls ,FortiSIEM , working withSecurity Information and Event Management (SIEM)solutions, implementingDDoS protectionusing tools such asRadwareandImperva , and managingnetwork infrastructurewith a focus onBGP (Border Gateway Protocol)andnetwork routing . In addition, the candidate will possess advanced expertise inL3 (Layer 3) firewalls , network security, and troubleshooting. This role involves ensuring the security and network infrastructure operates optimally, analyzing security data, deploying DDoS mitigation strategies, managing network routing protocols, and handling L3 firewall configurations to safeguard the organization's network and data.Job Location Chennai/MumbaiRoles & ResponsibilitiesPalo Alto Administration: Firewall Management : Configure, maintain, and troubleshoot Palo Alto firewalls to ensure optimal performance and security. Policy Management : Create, implement, and update security policies (NAT, security rules, application control, URL filtering, etc.) to meet organizational security standards. Traffic Analysis : Monitor network traffic and security logs for unusual activity and ensure appropriate filtering of traffic. VPN Configuration : Set up, maintain, and troubleshoot VPN solutions, including GlobalProtect and site-to-site VPNs. Updates & Patches : Manage and apply firewall firmware and software updates/patches to mitigate vulnerabilities. High Availability (HA) & Redundancy : Configure and maintain Palo Alto HA clusters to ensure continuous network security service availability. Logging & Reporting : Configure logging and reporting on Palo Alto firewalls, ensuring all security events are captured and integrated into SIEM solutions.SIEM Analysis and Management (FortiSIEM): FortiSIEM Administration : Configure, manage, and optimizeFortiSIEMfor log collection, analysis, and correlation from various security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), and servers. Incident Detection & Response : Analyze FortiSIEM alerts for signs of security incidents, identify threats, and take proactive or reactive actions to mitigate risks. Log Aggregation & Analysis : Configure log sources and fine-tune alert thresholds to ensure relevant and actionable security data is captured. SIEM Optimization & Tuning : Tune SIEM rule sets, reports, and dashboards to minimize false positives and improve detection accuracy. Compliance & Reporting : Generate compliance reports and security metrics usingFortiSIEM , aligning with regulatory requirements such as GDPR, PCI-DSS, HIPAA, and others.DDoS Protection Management (Radware/Imperva): DDoS Protection Configuration : Administer and configure DDoS mitigation solutions usingRadwareandImpervato protect against volumetric, application-layer, and infrastructure-layer DDoS attacks. Traffic Monitoring & Analysis : Continuously monitor network traffic for signs of potential DDoS attacks, leveraging Radware and Imperva to detect and mitigate abnormal traffic patterns. Incident Response & Mitigation : Respond to DDoS incidents in real-time, leveraging automated protection mechanisms in Radware and Imperva to minimize service disruption. Performance Tuning : Ensure DDoS protection solutions are optimized to balance security and network performance, making necessary adjustments as attack patterns evolve. Reporting & Documentation : Generate and review attack reports, documenting incident timelines, mitigation actions, and lessons learned. Ensure reports are accessible for future analysis and compliance purposes.Network Infrastructure & Routing (BGP & Network Skills): Network Design & Optimization : Design, configure, and maintain network infrastructure to ensure high availability, scalability, and security. BGP Configuration & Management : Administer and configureBGProuting for multi-site or multi-cloud environments, ensuring optimal route selection, failover, and network redundancy. Routing Protocols : Configure and troubleshoot routing protocols such asBGP ,OSPF ,EIGRP , andStatic Routesto ensure optimal network performance. Network Performance Monitoring : Use tools to monitor network performance, diagnose network issues, and ensure high network uptime. Connectivity & Redundancy : Implement redundant network configurations, including link aggregation, failover strategies, and network resilience techniques for mission-critical applications. Cloud Networking : Experience with cloud-based network configurations (AWS, Azure, GCP) and integrating them with on-premise network infrastructure. IP Subnetting & VLAN Configuration : Manage and optimize IP address management (IPAM), subnets, VLANs, and ensure proper segmentation within the network infrastructure.L3 Firewall Expertise: L3 Firewall Configuration : Configure and manage advanced L3 (Layer 3) firewall policies, including routing and security settings, on multiple firewall platforms. Traffic Control & Filtering : Implement and troubleshoot traffic filtering rules for IP traffic, subnets, and protocols, ensuring proper segmentation and control between networks. Advanced Routing & Firewall Integration : Configure firewall policies based on routing protocols (such asBGP ,OSPF , etc.) and integrate firewalls with routing protocols for optimized traffic management and security. Firewall Troubleshooting & Optimization : Analyze complex firewall configurations, identify issues, and optimize firewall performance by adjusting rules, policies, and routing settings. Security Policy Management : Create, review, and update security policies for L3 firewall implementations, ensuring compliance with security best practices and organizational requirements.Collaboration & Documentation: Collaboration with IT & Security Teams : Work closely with the IT infrastructure and security operations teams to maintain a secure and resilient network environment. Incident Response : Participate in incident response activities, including containment, eradication, and recovery efforts, leveraging Palo Alto firewalls, SIEM tools, DDoS protection, and network configurations for investigative purposes. Documentation : Maintain accurate documentation of firewall configurations, security policies, SIEM alert configurations, DDoS protection strategies, network configurations, and firewall rule sets. Training & Knowledge Sharing : Provide guidance and training to other team members on security best practices, Palo Alto administration, SIEM operations, DDoS protection strategies, L3 firewall management, and network routing.EDUCATIONAL QUALIFICATIONS: (degree, training, and certification required) BE/B-Tech or equivalent with Computer Science/IT or Electronics & CommunicationCertification required Palo Alto Networks Certifications FortiSIEM Certifications Radware/Imperva DDoS Certifications BGP & Network Certifications CompTIA Security+, CISSP, or CISMRelevant Experience 12+ yearsof experience in network security, firewall management, DDoS protection, network routing (including BGP), and SIEM systems. Experience in cloud security (AWS, Azure, GCP) and integrating Palo Alto firewall solutions in cloud environments. Knowledge of advanced persistent threat (APT) detection and response strategies. Familiarity with vulnerability management and scanning tools. Proven experience with Palo Alto firewall administration and security policy management. Experience in managing and analyzing security events usingFortiSIEM . Experience in deploying and managing DDoS protection tools, particularlyRadwareandImperva .
Job Title
L3 SOC