Security Administrator
6 months
London - hybrid
Inside IR35 - Umbrella only
Role overview:
Palo Alto Networks expertise to support and enhance our security operations.
Palo Alto Networks provides a comprehensive, AI-powered SASE (Secure Access Service Edge) solution known as Prisma SASE. It is designed to converge networking and security into a single cloud-delivered platform to support hybrid workforces and modern, distributed enterprises
You will be responsible for the administration, configuration, policy management, monitoring, and optimisation of Palo Alto security controls, ensuring secure and resilient network operations across enterprise environments.
This role is hands-on, need to be comfortable working in complex, regulated, or high-availability environments, partnering with infrastructure, networking, and SOC teams to deliver robust security outcomes.Key Responsibilities:
Palo Alto Administer, configure, and support Palo Alto NGFWs (PA-Series / VM-Series) including:
Security policy rules, NAT, zones, routing, interfaces, HA, and objects
App-ID / User-ID / Content-ID, URL filtering, Anti-Spyware, Vulnerability profiles
SSL decryption policy management (where applicable) and related operational impacts
Work closely with Network Engineers, Cloud/Platform teams, and Service Owners
Support projects such as:
Firewall migrations, data centre moves, cloud connectivity, segmentation initiatives
Zero Trust or least privilege initiatives
Integration with SIEM/SOAR toolingRequired Skills:
Strong hands-on experience administering Palo Alto NGFWs in enterprise environments
Proven experience with Panorama for centralised policy and device management
Understanding of:
Network security principles (segmentation, least privilege, L3/L4/L7 filtering)
TCP/IP, routing (BGP/OSPF helpful), NAT, VPN concepts
Skilled troubleshooting ability using logs, packet capture, and CLI diagnostics
Experience operating within ITIL-style change management and incident processes
Strong documentation skills and ability to communicate clearly to technical/non-technical stakeholdersDesirable Skills (Nice to Have):
Palo Alto feature experience:
GlobalProtect, site-to-site IPsec VPNs, SSL decryption operations
Advanced Threat Prevention tuning, WildFire analysis, DNS Security
Cloud security/networking exposure:
Azure/AWS/GCP, cloud-native firewalls, transit networking
VM-Series deployments, Terraform/automation exposure
SIEM integration experience:
Splunk / Sentinel / QRadar log forwarding and use-case support
Scripting/automation:
Python, PowerShell, Ansible, PAN-OS API, IaC patterns
Experience in regulated environments (finance, healthcare, government, critical infrastructure)Certifications:
Palo Alto PCCSA / PCNSA / PCNSE (highly desirable)
ITIL Foundation (helpful)
Security certs: CompTIA Security+, CISSP, CCNP Security (nice to have)
