L3 SOC
3 days ago
We are seeking a skilled and motivated Palo Alto Administrator, SIEM Analyst, DDoS Protection Specialist, Network Engineer, and L3 Firewall Expert to join our dynamic cybersecurity and networking team. The ideal candidate will have expertise in managing Palo Alto Networks firewalls, FortiSIEM, working with Security Information and Event Management (SIEM) solutions, implementing DDoS protection using tools such as Radware and Imperva, and managing network infrastructure with a focus on BGP (Border Gateway Protocol) and network routing. In addition, the candidate will possess advanced expertise in L3 (Layer 3) firewalls, network security, and troubleshooting.
This role involves ensuring the security and network infrastructure operate optimally, analyzing security data, deploying DDoS mitigation strategies, managing network routing protocols, and handling L3 firewall configurations to safeguard the organization's network and data.
Job Location
Chennai/Mumbai
Roles & Responsibilities
Palo Alto Administration:
Firewall Management: Configure, maintain, and troubleshoot Palo Alto firewalls to ensure optimal performance and security.
Policy Management: Create, implement, and update security policies (NAT, security rules, application control, URL filtering, etc.) to meet organizational security standards.
Traffic Analysis: Monitor network traffic and security logs for unusual activity and ensure appropriate filtering of traffic.
VPN Configuration: Set up, maintain, and troubleshoot VPN solutions, including GlobalProtect and site-to-site VPNs.
Updates & Patches: Manage and apply firewall firmware and software updates/patches to mitigate vulnerabilities.
High Availability (HA) & Redundancy: Configure and maintain Palo Alto HA clusters to ensure continuous network security service availability.
Logging & Reporting: Configure logging and reporting on Palo Alto firewalls, ensuring all security events are captured and integrated into SIEM solutions.
SIEM Analysis and Management (FortiSIEM):
FortiSIEM Administration: Configure, manage, and optimize FortiSIEM for log collection, analysis, and correlation from various security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), and servers.
Incident Detection & Response: Analyze FortiSIEM alerts for signs of security incidents, identify threats, and take proactive or reactive actions to mitigate risks.
Log Aggregation & Analysis: Configure log sources and fine-tune alert thresholds to ensure relevant and actionable security data is captured.
SIEM Optimization & Tuning: Tune SIEM rule sets, reports, and dashboards to minimize false positives and improve detection accuracy.
Compliance & Reporting: Generate compliance reports and security metrics using FortiSIEM, aligning with regulatory requirements such as GDPR, PCI-DSS, HIPAA, and others.
DDoS Protection Management (Radware/Imperva):
DDoS Protection Configuration: Administer and configure DDoS mitigation solutions using Radware and Imperva to protect against volumetric, application-layer, and infrastructure-layer DDoS attacks.
Traffic Monitoring & Analysis: Continuously monitor network traffic for signs of potential DDoS attacks, leveraging Radware and Imperva to detect and mitigate abnormal traffic patterns.
Incident Response & Mitigation: Respond to DDoS incidents in real-time, leveraging automated protection mechanisms in Radware and Imperva to minimize service disruption.
Performance Tuning: Ensure DDoS protection solutions are optimized to balance security and network performance, making necessary adjustments as attack patterns evolve.
Reporting & Documentation: Generate and review attack reports, documenting incident timelines, mitigation actions, and lessons learned. Ensure reports are accessible for future analysis and compliance purposes.
Network Infrastructure & Routing (BGP & Network Skills):
Network Design & Optimization: Design, configure, and maintain network infrastructure to ensure high availability, scalability, and security.
BGP Configuration & Management: Administer and configure BGP routing for multi-site or multi-cloud environments, ensuring optimal route selection, failover, and network redundancy.
Routing Protocols: Configure and troubleshoot routing protocols such as BGP, OSPF, EIGRP, and Static Routes to ensure optimal network performance.
Network Performance Monitoring: Use tools to monitor network performance, diagnose network issues, and ensure high network uptime.
Connectivity & Redundancy: Implement redundant network configurations, including link aggregation, failover strategies, and network resilience techniques for mission-critical applications.
Cloud Networking: Experience with cloud-based network configurations (AWS, Azure, GCP) and integrating them with on-premise network infrastructure.
IP Subnetting & VLAN Configuration: Manage and optimize IP address management (IPAM), subnets, VLANs, and ensure proper segmentation within the network infrastructure.
L3 Firewall Expertise:
L3 Firewall Configuration: Configure and manage advanced L3 (Layer 3) firewall policies, including routing and security settings, on multiple firewall platforms.
Traffic Control & Filtering: Implement and troubleshoot traffic filtering rules for IP traffic, subnets, and protocols, ensuring proper segmentation and control between networks.
Advanced Routing & Firewall Integration: Configure firewall policies based on routing protocols (such as BGP, OSPF, etc.) and integrate firewalls with routing protocols for optimized traffic management and security.
Firewall Troubleshooting & Optimization: Analyze complex firewall configurations, identify issues, and optimize firewall performance by adjusting rules, policies, and routing settings.
Security Policy Management: Create, review, and update security policies for L3 firewall implementations, ensuring compliance with security best practices and organizational requirements.
Collaboration & Documentation:
Collaboration with IT & Security Teams: Work closely with the IT infrastructure and security operations teams to maintain a secure and resilient network environment.
Incident Response: Participate in incident response activities, including containment, eradication, and recovery efforts, leveraging Palo Alto firewalls, SIEM tools, DDoS protection, and network configurations for investigative purposes.
Documentation: Maintain accurate documentation of firewall configurations, security policies, SIEM alert configurations, DDoS protection strategies, network configurations, and firewall rule sets.
Training & Knowledge Sharing: Provide guidance and training to other team members on security best practices, Palo Alto administration, SIEM operations, DDoS protection strategies, L3 firewall management, and network routing.
EDUCATIONAL QUALIFICATIONS: (degree, training, and certification required)
BE/B-Tech or equivalent with Computer Science/IT or Electronics & Communication
Certification required
Palo Alto Networks Certifications
FortiSIEM Certifications
Radware/Imperva DDoS Certifications
BGP & Network Certifications
CompTIA Security+, CISSP, or CISM
Relevant Experience
12+ years of experience in network security, firewall management, DDoS protection, network routing (including BGP), and SIEM systems.
Experience in cloud security (AWS, Azure, GCP) and integrating Palo Alto firewall solutions in cloud environments.
Knowledge of advanced persistent threat (APT) detection and response strategies.
Familiarity with vulnerability management and scanning tools.
Proven experience with Palo Alto firewall administration and security policy management.
Experience in managing and analyzing security events using FortiSIEM.
Experience in deploying and managing DDoS protection tools, particularly Radware and Imperva.
-
L3 SOC
3 days ago
Chennai, India L&T-Cloudfiniti Full time Job Overview We are seeking a skilled and motivated Palo Alto Administrator, SIEM Analyst, DDoS Protection Specialist, Network Engineer, and L3 Firewall Expert to join our dynamic cybersecurity and networking team. The ideal candidate will have expertise in managing Palo Alto Networks firewalls, FortiSIEM, working with Security Information and...