Staff Network Security Engineer (R4180)

Job Description

Job Description

Founded in 2015, Shield AI is a venture-backed deep-tech company with the mission of protecting service members and civilians with intelligent systems. Its products include the V-BAT and X-BAT aircraft, Hivemind Enterprise, and the Hivemind Vision product lines. With offices and facilities across the U.S., Europe, the Middle East, and the Asia-Pacific, Shield AI’s technology actively supports operations worldwide. For more information, visit Follow Shield AI on LinkedIn, X, Instagram, and YouTube.

Job Description:

Shield AI is seeking a highly skilled Staff Network Security Engineer with deep expertise in Palo Alto Networks security platforms to strengthen our global infrastructure. This role emphasizes advanced firewall and security engineering while also providing support for core routing, switching, and wireless functions alongside the broader networking team. The engineer will play a key role in securing and scaling Shield AI’s global production, development, and test environments, spanning data centers, LAN/WAN, remote offices, and Azure/AWS cloud workloads.

What you'll do:

• Network Security Engineering:
• Architect and enhance secure network infrastructures across cloud, on-premises, and data center environments, continuously improving Shield AI’s overall security posture and resilience.
• Lead the design and optimization of Palo Alto Networks security services—including Threat Prevention, URL Filtering, Application Control, GlobalProtect, and WildFire—to protect Shield AI’s networks and data.
• Engineer and maintain secure WAN, VPN, and Zero Trust/remote access solutions.
• Execute firewall and network change requests in alignment with corporate security policies.
• Administer and optimize NAC platforms to enforce secure device access and network policy compliance.
• Perform proactive monitoring, log analysis, and troubleshooting for network security systems.
• Drive automation of repeatable tasks (Ansible, Python, Bash) to improve operational efficiency.
• Support vulnerability remediation and participate in incident response efforts.
• Partner with cross-functional teams to integrate network security into broader infrastructure initiatives.
• Operations and Support:
• Conduct daily monitoring of firewall and network security systems, ensuring high availability and compliance.
• Provide tier-3 escalation support for network security outages or incidents.
• Work with Palo Alto, Fortinet, and other vendors for escalations, patches, and licensing.
• Document processes and train other engineers on network security best practices.
• Provide L2/L3 routing and switching support as necessary.
• Provide occasional support for wireless infrastructure, assisting with policy and configuration updates.
• Participate in on-call rotations, maintenance windows, and emergency response.
• Maintenance:
• Apply critical firewall/NGFW updates, upgrades, and subscription renewals (Threat Prevention, WildFire, URL Filtering, etc.).
• Maintain and administer Palo Alto and Fortinet licensing and subscriptions.
• Keep operational runbooks, configuration standards, and documentation current.

Required qualifications:

• 6+ years of experience in network security engineering in complex, enterprise environments.
• Advanced expertise with Palo Alto Networks platforms (PAN-OS, Panorama, Prisma Access, GlobalProtect).
• Strong understanding of network security protocols, routing, and switching fundamentals.
• Experience with network automation and scripting (Ansible, Python, Bash).
• Bachelor’s degree in a technical discipline or equivalent professional experience.
• Certification such as PCNSE (or equivalent Palo Alto certification).
• Ability to work independently and drive complex initiatives to completion.
• Strong organizational and multi-tasking skills with attention to detail in a process-oriented, change-controlled environment.
• Excellent verbal and written communication skills, with the ability to present to both technical and non-technical audiences.
• Proven team player and mentor, capable of leading peers and collaborating across functions.
• Solution-oriented, constructive approach to troubleshooting and problem-solving.
• Bachelor's degree in a technical discipline or at least 6 years of experience plus an engineer level certification such as a CCNP, JNCIS, VCP-NV or equivalent network-related certification.

Preferred qualifications:

• Familiarity with management of Clearpass or Mist NAC solutions
• Familiarity with management of Fortinet firewalls.
• Light hands-on ability with Juniper platforms (Junos OS) for routing/switching.
• Exposure to Mist wireless for WLAN administration.
• Familiarity with public cloud networking (Azure preferred).
• Knowledge of VMware, Nutanix, Linux, or Windows system administration.
• Additional certifications such as CCNP Security, JNCIS, CCNP Enterprise, or VCP-NV.
• Experience working in highly regulated or mission-critical environments.

#LI-HM1

#LD

Full-time regular employee offer package:

Pay within range listed + Bonus + Benefits + Equity

Temporary employee offer package:

Pay within range listed above + temporary benefits package (applicable after 60 days of employment)

Salary compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location. All offers are contingent on a cleared background and possible reference check. Military fellows and part-time employees are not eligible for benefits. Please speak to your talent acquisition representative for more information.

###

Shield AI is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.