Cloud Network Security Engineer (Terraform)

We are seeking a highly skilled Cloud Network Security Engineer to design, deploy, and operate Palo Alto Networks Next-Generation Firewalls (NGFWs) across Microsoft Azure and Google Cloud Platform (GCP) environments.
This role will be hands-on and delivery-focused, supporting:
· Palo Alto firewall deployments using Terraform
· Migration of existing GCP mesh network topology to a hub-and-spoke architecture
· Standardization of cloud perimeter, egress, and inter-VPC/VNet security controls
The engineer will work closely with Security Architecture, Cloud Platform, and Network Engineering teams to implement secure, scalable, and repeatable cloud network security patterns.
Key Responsibilities
Palo Alto Firewall Deployment & Operations
· Design and deploy Palo Alto NGFWs (VM-Series) in Azure and GCP (perimeter, shared services, and hub networks)
· Implement and manage firewall policies using App-ID, Threat Prevention, URL Filtering, and logging
· Support north–south and east–west traffic inspection use cases
· Integrate firewall logging with centralized SIEM platforms (e.g., Splunk)
Terraform & Infrastructure as Code
· Develop and maintain Terraform modules for:
o Palo Alto firewall deployments
o Hub-and-spoke networking (VPCs/VNets, routing, NAT, load balancers)
o Security policy and rule standardization
· Follow Git-based workflows (PRs, code reviews, versioning)
· Ensure repeatability, consistency, and automated deployments across environments
GCP Network Topology Migration
· Assist in migrating from GCP mesh VPC topology to a hub-and-spoke model
· Design and implement:
o Centralized ingress and egress VPCs
o Shared firewall hubs
o VPC peering / cloud routing strategies
· Minimize application downtime and reduce blast radius during migration
Cloud Networking & Security Integration
· Collaborate with architecture teams to implement approved cloud security patterns
· Support routing, NAT, load balancing, and high-availability designs
· Implement secure connectivity between:
o Cloud-to-cloud (Azure ↔ GCP)
o Cloud-to-on-prem environments
· Participate in troubleshooting complex network and firewall issues
Documentation & Operational Readiness
· Produce clear technical documentation:
o Terraform modules
o Firewall design diagrams
o Deployment and rollback procedures
· Support operational handoff to NOC/SOC teams
· Participate in change management and CAB processes

Pay Rate: $6-$10 an hour depending on skills and experience

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Required Qualifications
Core Technical Skills
· 5+ years of experience in network security or cloud networking
· Hands-on experience deploying Palo Alto Networks firewalls (VM-Series)
· Strong experience with Terraform in production environments
· Solid knowledge of GCP networking:
o VPCs, subnets, routing, firewall rules, NAT, load balancers
· Working experience with Azure networking:
o VNets, UDRs, Azure Load Balancer, Azure Firewall or NVA patterns
· Understanding of hub-and-spoke cloud architectures
Security & Networking Fundamentals
· Strong TCP/IP, routing, and firewall fundamentals
· Experience with:
o North–south and east–west traffic control
o Centralized egress and ingress models
· Familiarity with logging, monitoring, and SIEM integrations
Collaboration & Communication
· Experience working with US-based teams in a global/offshore model
· Ability to follow architecture standards and security patterns
· Strong documentation and verbal communication skills
Comfortable working in Agile or sprint-based delivery model

· Palo Alto certifications (PCNSA, PCNSE)
· Experience with:
o GCP Shared VPCs
o Azure Landing Zones
· Exposure to Zero Trust or segmentation concepts
· Experience supporting large-scale cloud migrations
· Familiarity with CI/CD pipelines for Terraform

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.