Senior Security Administrator - Palo Alto

Job Description

Security Administrator

\n

6 months

\n

London - hybrid

\n

Inside IR35 - Umbrella only

\n

\n

Role overview:

\n

\n
• Palo Alto Networks expertise to support and enhance our security operations.

\n

• Palo Alto Networks provides a comprehensive, AI-powered SASE (Secure Access Service Edge) solution known as Prisma SASE. It is designed to converge networking and security into a single cloud-delivered platform to support hybrid workforces and modern, distributed enterprises

\n

• You will be responsible for the administration, configuration, policy management, monitoring, and optimisation of Palo Alto security controls, ensuring secure and resilient network operations across enterprise environments.

\n

• This role is hands-on, need to be comfortable working in complex, regulated, or high-availability environments, partnering with infrastructure, networking, and SOC teams to deliver robust security outcomes.

\n

\n

Key Responsibilities:

\n

Palo Alto Administer, configure, and support Palo Alto NGFWs (PA-Series / VM-Series) including:

\n

\n
\n
• Security policy rules, NAT, zones, routing, interfaces, HA, and objects

\n

• App-ID / User-ID / Content-ID, URL filtering, Anti-Spyware, Vulnerability profiles

\n

• SSL decryption policy management (where applicable) and related operational impacts

\n

\n

\n

\n
• Work closely with Network Engineers, Cloud/Platform teams, and Service Owners

\n

• Support projects such as:\n
  \n
  • Firewall migrations, data centre moves, cloud connectivity, segmentation initiatives

  \n

  • Zero Trust or least privilege initiatives

  \n

  • Integration with SIEM/SOAR tooling

  \n

  \n

\n

\n

Required Skills:

\n

\n
• Strong hands-on experience administering Palo Alto NGFWs in enterprise environments

\n

• Proven experience with Panorama for centralised policy and device management

\n

• Understanding of:\n
  \n
  • Network security principles (segmentation, least privilege, L3/L4/L7 filtering)

  \n

  • TCP/IP, routing (BGP/OSPF helpful), NAT, VPN concepts

  \n

  \n

\n

• Skilled troubleshooting ability using logs, packet capture, and CLI diagnostics

\n

• Experience operating within ITIL-style change management and incident processes

\n

• Strong documentation skills and ability to communicate clearly to technical/non-technical stakeholders

\n

\n

Desirable Skills (Nice to Have):

\n

\n
• Palo Alto feature experience:\n
  \n
  • GlobalProtect, site-to-site IPsec VPNs, SSL decryption operations

  \n

  • Advanced Threat Prevention tuning, WildFire analysis, DNS Security

  \n

  \n

\n

• Cloud security/networking exposure:\n
  \n
  • Azure/AWS/GCP, cloud- firewalls, transit networking

  \n

  • VM-Series deployments, Terraform/automation exposure

  \n

  \n

\n

• SIEM integration experience:\n
  \n
  • Splunk / Sentinel / QRadar log forwarding and use-case support

  \n

  \n

\n

• Scripting/automation:\n
  \n
  • Python, PowerShell, Ansible, PAN-OS API, IaC patterns

  \n

  \n

\n

• Experience in regulated environments (finance, healthcare, government, critical infrastructure)

\n

\n

Certifications:

\n

\n
• \nPalo Alto PCCSA / PCNSA / PCNSE (highly desirable)

\n

• ITIL Foundation (helpful)

\n

• Security certs: CompTIA Security+, CISSP, CCNP Security (nice to have)

\n

\n