As a Principal Firewall Software Engineer, you will serve as the strategic and technical lead for enterprise firewall architecture, implementation, and operations. You will drive the design and deployment of scalable, secure, and resilient firewall solutions across global environments, ensuring alignment with Zero Trust principles, compliance frameworks, and business continuity goals. This role is pivotal in shaping the future of the organization's network security posture.
WHO WE ARE LOOKING FORThe candidate shall have significant enterprise level Security acumen, experience working on Palo Alto Next Generation Firewalls, and managerial experience.
10+ years in network security engineering with a focus on enterprise firewall platforms.
Deep expertise in Palo Alto Networks technologies and HA firewall architecture.
Strong knowledge of routing/switching protocols (BGP, VRF, MPLS), wireless, and SD-WAN.
Proven experience with SSL decryption, DLP, and Zero Trust implementations.
Familiarity with compliance frameworks such as NIST, ISO 27001, and GDPR.
Proficiency in scripting and automation (Python, Terraform, Jenkins).
Excellent communication and leadership skills; ability to influence across technical and executive audiences.
Understanding of network design and operations across full stack technologies
Hands-on experience with traffic decryption and privacy regulations
Knowledge of network threat prevention methodologies and protocols
Experience with Network Access Control systems such as Cisco ISE
WHAT YOU’LL WORK ONYou will be responsible for being strategic and technical lead for Firewall architecture spanning Next Generation Firewalls, SD-WAN, and Cisco ASA platforms in addition to playing a role is building automations, Agents, and solutions to further Nike’s journey towards Zero-Trust networks.
Mentors and develops the capabilities of team members
Architect and implement enterprise-wide firewall solutions using Palo Alto Networks technologies (NGFW, Panorama, Prisma, Cortex), including high availability configurations and global policy orchestration.
Define and execute network segmentation and identity-based access strategies, integrating with Cisco ISE and 802.1x protocols to enforce least-privilege access.
Secure hybrid cloud environments (AWS, Azure) by managing ingress/egress controls, intra-cloud segmentation, and cloud-to-on-prem traffic flows.
Deploy and tune advanced threat prevention features (IDS/IPS, URL/DNS filtering, sandboxing, SSL/TLS decryption) while balancing performance and privacy compliance.
Develop and maintain automation pipelines using Python, Terraform, and GitHub to streamline firewall rule management, logging, and compliance reporting.
Lead root cause analysis and remediation for firewall-related incidents, including software upgrades, hardware failures, and DLP enforcement.
Collaborate with Cybersecurity, Cloud, and Infrastructure teams to align firewall policies with broader enterprise security objectives and compliance mandates.