Senior Security Administrator - Palo Alto

Security Administrator

6 months

London - hybrid

Inside IR35 - Umbrella only

Role overview:

• Palo Alto Networks expertise to support and enhance our security operations.
• Palo Alto Networks provides a comprehensive, AI-powered SASE (Secure Access Service Edge) solution known as Prisma SASE. It is designed to converge networking and security into a single cloud-delivered platform to support hybrid work forces and modern, distributed enterprises
• You will be responsible for the administration, configuration, policy management, monitoring, and optimisation of Palo Alto security controls, ensuring secure and resilient network operations across enterprise environments.
• This role is hands-on, need to be comfortable working in complex, regulated, or high-availability environments, partnering with infrastructure, networking, and SOC teams to deliver robust security outcomes.

Key Responsibilities:

Palo Alto Administer, configure, and support Palo Alto NGFWs (PA-Series / VM-Series) including:

• Security policy rules, NAT, zones, routing, interfaces, HA, and objects
• App- / User- / Content-, URL filtering, Anti-Spyware, Vulnerability profiles
• SSL decryption policy management (where applicable) and related operational impacts

• Work closely with Network Engineers, Cloud/Platform teams, and Service Owners
• Support projects such as:
  • Firewall migrations, data centre moves, cloud connectivity, segmentation initiatives
  • Zero Trust or least privilege initiatives
  • Integration with SIEM/SOAR tooling

Required Skills:

• Strong hands-on experience administering Palo Alto NGFWs in enterprise environments
• Proven experience with Panorama for centralised policy and device management
• Understanding of:
  • Network security principles (segmentation, least privilege, L3/L4/L7 filtering)
  • TCP/IP, routing (BGP/OSPF helpful), NAT, VPN concepts
• Skilled troubleshooting ability using logs, packet capture, and CLI diagnostics
• Experience operating within ITIL-style change management and incident processes
• Strong documentation skills and ability to communicate clearly to technical/non-technical stakeholders

Desirable Skills (Nice to Have):

• Palo Alto feature experience:
  • Global Protect, site-to-site IPsec VPNs, SSL decryption operations
  • Advanced Threat Prevention tuning, Wild Fire analysis, DNS Security
• Cloud security/networking exposure:
  • Azure/AWS/GCP, cloud-native firewalls, transit networking
  • VM-Series deployments, Terraform/automation exposure
• SIEM integration experience:
  • Splunk / Sentinel / QRadar log forwarding and use-case support
• Scripting/automation:
  • Python, Power Shell, Ansible, PAN-OS API, IaC patterns
• Experience in regulated environments (finance, healthcare, government, critical infrastructure)

Certifications:

• Palo Alto PCCSA / PCNSA / PCNSE (highly desirable)
• ITIL Foundation (helpful)
• Security certs:
  CompTIA Security+, CISSP, CCNP Security (nice to have)