Job Title

Experience- 5 to 8 years.Location- PAN LTIM.We are seeking a hands-on Network Security Automation Engineer to design, build, and operate automation across our network security stack. The ideal candidate has strong software engineering fundamentals (Python/REST/CI/CD), knowledge of firewalls and cloud security, and a track record of building robust automation for policy orchestration, compliance, change management, and response workflows (SIEM/SOAR).Key ResponsibilitiesDesign and implement automation for firewall policy lifecycle (create/modify/decommission), NAT, objects, address groups, URL categories, SSL decryption, and rule optimization.Build scalable workflows integrating REST/JSON APIs of Palo Alto (PAN-OS), Fortinet, Check Point and SASE (e.g., Prisma Access/Netskope/Zscaler).Create IaC modules (e.g., Terraform for security policies / objects) and Ansible playbooks / collections for consistent configuration across environments.Develop reusable Python libraries / CLI tools; package and version modules; maintain documentation and unit tests.Build pipelines for SD‑WAN (e.g., Prisma SD‑WAN / Fortinet SD‑WAN) and ZTNA / SASE policy automation, posture checks, and identity/context-aware rules.Implement configuration drift detection, continuous compliance (CIS / NIST / ISO), and audit-ready reporting.Develop telemetry pipelines (syslog / API polling / webhooks) and dashboards for policy health, rule hygiene, hit counts, shadowed/duplicate rules, and KPIs.Optimize performance: automate rule cleanup, object reuse analysis, and policy rationalization across vendors.Identify high-impact AI/ML use cases within the domains of infrastructure security, deployment pipelines (CI/CD), security operations (SecOps), and large-scale system troubleshootingKeep abreast of the latest advancements in AI/ML, particularly in the domain of Generative AI, and evaluate their potential application to infrastructure security workflowsRequired Qualification / CertificationsAnsible, Terraform, CI/CD and Python. Bash / PowerShell is a plus.Proficiency in REST APIs, JSON / YAML, and webhooks; experience building internal API services/microservices is valued.Fundamental understanding of security products like firewalls, SASE, SDWANPolicy constructs: security / NAT rules, app‑ID / user‑ID, URL / Threat profiles, SSL decryption, zones / virtual routers, objects / address groups.Strong documentation, testing, and stakeholder communication.Generative AI: Experience utilizing Large Language Models (LLMs) or building RAG (Retrieval-Augmented Generation) applications for tasks like summarizing incident reports or generating troubleshooting runbooks.Proficiency in Python and demonstrable experience with core ML libraries (e.g., scikit-learn, TensorFlow, PyTorch)Preferred SkillsLanguages: Python, Bash, PowerShellAutomation: Ansible, Terraform, Git, CI/CD pipelinesSecurity Platforms: Palo Alto Networks (PAN‑OS / Prisma Access), Fortinet (FortiGate / Manager / Analyzer / ADC)