Senior Network Security Engineer (Fortinet/Palo Alto) - 100% Remote

Senior Security Engineer (Fortinet/Palo Alto) - 100% remote (EST Hours)

Optomi, in partnership with a client that specializes in the IT space, offering infrastructure and cybersecurity solutions, is looking to add a full-time Network Security Engineering Consultant to their team! The Cybersecurity Engineer willl come with extensive, hands-on experience and possess deep technical mastery of the entire Palo Alto Networks and Fortinet security ecosystems and the ability to apply fundamental cybersecurity principles to solve complex client challenges.

This is a high-impact, client-facing engineering role responsible for the end-to-end design, deployment, and optimization of the complete Palo Alto Networks and Fortinet product stacks. You will serve as the trusted technical authority for our clients, translating strategic business and security requirements into robust, scalable, and operationally mature solutions. Success requires a blend of hands-on technical skill, deep product knowledge, and a solid foundation in core cybersecurity concepts (e.g., CIA Triad, Zero Trust, MITRE ATT&CK, Network, Cloud, IAM, GRC, Application Security). Having a wide breadth of security experience is ideal.

The ideal candidate for this role has come from an IT Solutions, IT Services and/or consulting company working on various cybersecurity and networking projects spanning across Palo Alto and Fortinet products. Experience with Panorama, Prisma, FortiGate, FortiAnalyzer, SASE, SDWAN is a must.

Responsibilities:

• Product Expertise: Serve as the Subject Matter Expert for both the Palo Alto Networks and Fortinet product stacks, leading implementation, optimization, and troubleshooting engagements.
• Palo Alto Networks: Deep experience with NGFWs (PAN-OS), Panorama, Prisma Access (SASE/ZTNA), Prisma Cloud (CSPM/CIEM), and Cortex XDR/XSOAR.
• Fortinet: Deep experience with FortiGate NGFWs (FortiOS), FortiManager, FortiAnalyzer, FortiEDR, FortiSASE, and other elements of the Fortinet Security Fabric.
• Security Architecture & Migration: Design and deploy secure, high-availability, and scalable network and cloud security architectures. Lead complex projects to migrate clients from legacy firewalls (or from one vendor to the other) while minimizing business disruption.
• Zero Trust and SASE Implementation: Architect and deploy advanced capabilities like Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) using vendor-specific platforms (e.g., Prisma Access, FortiSASE).
• Advanced Feature Configuration: Implement and optimize critical security features, including advanced URL filtering, IPS/IDS, SSL decryption, WildFire/FortiGuard integration, SD-WAN overlays, and VPN tunneling (IPSec/SSL).
• Security Architecture & Design: Architect enterprise-level security solutions, ensuring all deployments adhere to security best practices, industry compliance standards (e.g., NIST, ISO 27001), and a fundamental Zero Trust security model.
• Implementation & Optimization: Execute hands-on configuration, integration, and fine-tuning of platforms to maximize threat prevention capabilities (e.g., App-ID, User-ID, WildFire, Threat Prevention).
• Client Advisory & Training: Act as a subject matter expert, providing post-implementation knowledge transfer, technical mentorship, and high-quality documentation to client engineering and SOC teams.
• Advanced Troubleshooting: Utilize deep knowledge of network protocols (TCP/IP, BGP, OSPF, VPNs) and security telemetry to diagnose and resolve complex multi-domain technical issues in high-pressure client environments.

Qualifications:

• Minimum 5 years of hands-on experience in a dedicated cybersecurity engineering or consulting role. Consulting experience is highly preferred for this role, as it ensures familiarity with the cadence and nature of the industry.
• Minimum 3 years of deep, demonstrable experience in designing, deploying, and managing a significant portion of the Palo Alto Networks and Fortinet product stacks (NGFW is mandatory; additional expertise in Cortex/FortiEDR and/or Prisma/FortiCNP is highly desired).
• Expert-Level Firewall Proficiency: Demonstrated ability to configure, troubleshoot, and manage complex environments using both:
• Palo Alto Networks: Deep expertise in PAN-OS, policies, NAT, Threat Prevention, and Panorama management.
• Fortinet: Deep expertise in FortiOS, VDOMs, FortiGuard, and centralized management via FortiManager/FortiAnalyzer.
• Solid understanding of core security principles across multiple domains (e.g., CIA Triad, Zero Trust, MITRE ATT&CK, Network, Cloud, IAM, GRC, Application Security).
• Advanced knowledge of networking fundamentals (L2/L3 routing, switching, VPNs, IPSEC, PKI) as they relate to network security implementation.
• Proven ability to work independently, manage project timelines, and deliver high-quality technical documentation and client reports.
• Excellent verbal and written communication skills, with the ability to clearly articulate complex technical issues to both technical and executive audiences.

Certifications (Must actively hold and maintain at least one of the below):

• Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Fortinet Network Security Expert Level 7 (NSE 7) or higher
• Preferred (Plus): CISSP, CISM, Fortinet NSE 8, Palo Alto PCCSE, or CCIE Security.