Security Solution Engineer SME

• Provide SME level of Network and Service Assurance support for core to edge security protocols on Palo Alto & Zscaler platform.
• Troubleshooting the network and service issues while adhering to SLA/KPIs and ensure target SLA levels are met for each ticket.
• Troubleshooting of enterprise and cloud based Proxy and VPN access
• Troubleshooting on Site to Site and Remote Site VPN’s
• Working directly with equipment vendors, OEMs, Field Support Staff.
• Analysis for root cause determination of issues including recommendations for improvements.
• Able to understand customer business requirements and convert the same in use cases from technology perspective
• Able to do deep consulting job to address customer’s business problems using Zscaler and all other security platforms available
• Able to provide E2E architecture services for customer
• Architecture and Hands-on Experience on Zscaler Cloud Proxy ZIA & ZPA, ZDX and other features.
• Manage and Troubleshoot Zscaler App portal by creating Application Control and Web Control policies,

Job Requirements

• Good technical knowledge on Routing and Switching
• Troubleshooting experience on Paulo Alto Firewall, Zone Based Firewall, Cisco ASA and Zscaler (ZIA and ZPA)
• Troubleshooting experience on Cloud Based Proxy
• Troubleshooting experience on Content filtering and deep packet inspection
• Troubleshooting experience on DDOS prevention
• Enterprise Security Troubleshooting Experience
• Data center Security Troubleshooting Experience
• Strong skills on MS Office for reports and RCA making.
• Strong analytical skills to resolve problems. 
• Strong oral and written communication skills to coordinate repair efforts and prepare reports.
• Strong interpersonal skills to coordinate efforts effectively between multiple groups. 
• Ability to manage multiple tasks in a fast paced environment. 
• Zscaler (ZIA and ZPA) experience will be preferred.
• Provide expert multi-technology advice to internal clients, analysing and providing strategies and solutions on all aspects of application software, infrastructure and related Zscaler components.
• Advise and execute on the best design for Zscaler technology architectures.
• Use client business requirements to advise on the design, deployment and operation of application infrastructures.
• Create High level & Low level designs that provide holistic views, but also contain the details of the components and interconnections between components.
• Contribute advice on improving methodology frameworks.
• Manage the proof of concept (POC) initiatives.
• Researches and investigates emerging infrastructure technologies and the best practices associated with these trends.
• Contribute to the improvement of internal effectiveness by contributing to improving current methodologies, processes and tools.
• Proactive addition of client public IPs on the Zscaler Admin Portal.
• Maintenance of client public IPs clean up (removal in case of decommission)
• Maintain URL filtering rule set.
• Setup new rules for URL categorization (when Zscaler sends a notification)
• Create URL exceptions for uncategorized traffic.
• Maintain Admin accounts and roles for access to Zscaler admin portal.
• Communicating to customer about planned maintenance/outages on Zscaler nodes.
• Proven experience Configuring authentication in Okta (SAML 2.0), TLS /SSL Interception on Zscaler cloud ZIA, Maintain Users/User Groups for authentication on Zscaler (AD/Manual)
• Timely backups of the rule sets on admin portal.
• Maintain bandwidth classes, if a new website is identified to be prioritized, it needs to be amended/maintained.
• Present settings for Advanced Threat protection/Malware Protection Client Security team for audit/verification.
• Maintain Cloud Policy policies for sites using Cloud Firewall.
• Maintain Network Services, and IP/FQDN Groups which are used in firewall control.
• Interact with Zscaler support for cases where we require support on Zscaler cloud, URL, functionality related issues. Weekly call with Zscaler TAM to understand operation related crunches (if any).
• Block any malicious IPs on Zscaler, as notified to SOC and identified as a threat by Client.

Desired Certification

• ZPA Professional
• ZIA Professional
• ZDX Administrator
• PCNSE – Palo Alto Networks Certified Network Security Engineer
• PCNSA- Palo Alto Networks Certified Network Security Administrator