Prisma VPN Implementation Specialist

Summary

Join our team as a Prisma VPN Implementation Specialist to design and deploy Prisma VPN solutions. You will leverage your extensive expertise in Prisma VPN configuration, troubleshooting, and optimization, ensuring seamless integration with existing infrastructure. The ideal candidate possesses 8-10 years of network security experience, specifically with Prisma Cloud/VPN and Palo Alto Networks SASE platforms. You will architect Prisma VPN solutions, develop implementation plans, install and configure Prisma VPN across diverse environments, and integrate it with existing security tools. Responsibilities include optimizing VPN performance, implementing monitoring tools, resolving technical issues, creating documentation, and training IT teams. The role requires strong communication skills and the ability to work both independently and collaboratively.

Requirements

• 8-10 years of network security specially in Prisma Cloud/VPN
• Proven expertise in architecting, deploying, and optimizing Palo Alto Networks SASE platforms, with deep technical knowledge of Prisma Access, Prisma Access Browser, GlobalProtect, and Next-Generation Firewalls (NGFW)
• Advanced working knowledge of Azure Security Center, AWS CloudWatch and CloudTrail
• Cloud security (IaaS, PaaS, and SaaS) across multiple cloud platforms such as Azure, AWS, and Google
• Years of hands-on experience with remote user access technologies, including IPSec VPN, SSL VPN, Explicit Proxy, tunneling and encryption protocols such as SSL/TLS, IPSec, and GRE, with strong familiarity with PKI and certificate management (public/private)
• Extensive experience with authentication methodologies (2FA, SAML, RADIUS, LDAP, TACACS, Certificates) and directory services including Okta, Active Directory, Azure ADFS, Ping, Entra ID, and OneLogin
• Strong routing expertise, including BGP, static routing, traffic steering, redistribution, and policy-based forwarding (PBF) in enterprise network environments
• In-depth knowledge of NGFW capabilities, configuration, and deployment, including Panorama, App-ID, User-ID, Threat Prevention, URL Filtering, SSL Decryption, CASB, DLP, IP, NAT, routing protocols, IPSec VPNs, and how these elements interact with end-user applications and cloud services
• Exceptional written and verbal communication skills, with the ability to clearly articulate technical concepts to senior leadership, technical peers, and non-technical stakeholders
• Comfortable working both independently and as part of cross-functional teams, with the ability to manage multiple complex projects under pressure with direct customer-facing consulting experience, with a strong track record of delivering high-impact outcomes and executive-level presentations
• Bachelor’s degree in Computer Science, Information Technology, or related field
• Certifications in network security or Prisma technologies (e.g., Palo Alto Networks certifications)
• Proven track record of implementing VPN solutions in enterprise environments

Responsibilities

• Architect Prisma VPN solutions tailored to organizational needs
• Develop detailed implementation plans, including topology and security configurations
• Install and configure Prisma VPN across diverse environments (cloud, hybrid, on-premises)
• Set up secure access policies, authentication mechanisms, and encryption protocols
• Integrate Prisma VPN with existing network infrastructure and security tools
• Optimize VPN performance and scalability to meet organizational demands
• Implement monitoring tools to ensure VPN health and performance
• Diagnose and resolve technical issues promptly, minimizing downtime
• Create comprehensive documentation for configurations, processes, and troubleshooting
• Train IT teams on Prisma VPN usage and best practices

Preferred Qualifications

• Practical experience with SD-WAN, preferably Prisma SD-WAN (formerly CloudGenix) with the ability to implement and troubleshoot complex edge connectivity
• Familiarity with enterprise browser technologies, browser features (shortcuts/bookmarks, dev tools, extensions, history, cookies), and commercial browser management (Chrome, Edge, Brave), as well as competitors like Island Enterprise Browser
• Understanding of endpoint management tools such as Microsoft Intune, Jamf, and VMware Workspace ONE, especially as they relate to SASE client deployment and policy enforcement
• Scripting proficiency in PowerShell, Bash, or Python for task automation, with experience identifying and executing automation opportunities to enhance SASE deployments and operations
• Professional Network Security/Cloud Architect - preferred
• CISSP (+ ISSAP), CCSP - preferred
• CompTIA Security +, Associate of IC2 preferred
• Cloud Security Posture Management (CSPM)
• Cloud-Native Application Protection Platforms (CNAPP)