[Remote] Information Security Engineer, Network Security Engineering

Note: The job is a remote job and is open to candidates in USA. JLL is a leading global provider of real estate and investment management services, committed to empowering talented individuals to thrive in their careers. They are seeking an Information Security Engineer to secure their global network infrastructure, requiring expertise in Palo Alto Networks technologies and a security-first mindset to optimize security controls and collaborate with various teams.

Responsibilities

• Serve as the primary subject matter expert for Palo Alto Networks technologies (NGFWs, Cloud NGFW, Panorama), Web Application Firewall, Content Delivery Network, API Security, IDS/IPS, and DDoS prevention
• Own onboarding, policy tuning, and lifecycle management for WAF and CDN platforms; lead firewall ruleset optimization, IDS/IPS tuning, and DDoS protection configuration
• Partner with internal teams to drive the global rollout, tuning, and operational management of URL filtering and TLS decryption across the network estate
• Lead API security efforts — ensuring API traffic routes through security tooling, identifying vulnerabilities, and working with application teams on fixes
• Lead troubleshooting of complex, multi-layer global network and application issues — from packet captures on inter-continental BGP topologies to WAF false-positive triage
• Partner with business and application teams to produce clear, actionable security documentation, change proposals, and executive-ready findings
• Analyze existing network security architectures, processes, and procedures to identify gaps and drive meaningful improvements
• Configure and report on defensive measures against advanced threat actor tactics; maintain current awareness of the evolving threat landscape and the effectiveness of our defenses against them
• Communicate complex technical problems and solutions clearly to both global engineering teams and C-suite stakeholders
• Champion the broader Security team’s initiatives, not just Network Security Engineering
• Participate in the maintenance and tuning of all network security technologies including WAFs, CDNs, VPNs, and application-aware firewalls
• Leverage and contribute to automation pipelines for global firewall rule deployment and policy management across the network estate
• Utilize security tooling telemetry and data collection automations to produce actionable reporting and metrics for internal teams and executive stakeholders

Skills

• 5+ years of hands-on network security engineering experience designing and implementing enterprise-scale security solutions
• Expert-level proficiency in Palo Alto Networks — NGFWs, Panorama policy management, and PAN-OS; PCNSE or PCNSC certification strongly preferred
• Expert troubleshooting skills across network and application layers, including packet capture analysis on complex, dynamically routed architectures
• Deep understanding of layer 7 web application technologies and WAF/CDN platforms (e.g. Akamai, Cloudflare, Imperva, F5) — onboarding, policy tuning, break/fix troubleshooting, and operational management
• Solid grounding in API security — ensuring API traffic routes through security tooling, evaluating identified vulnerabilities, and partnering with application teams to drive remediation
• Strong HTTP/application security knowledge: TLS interception, SQL injection, XSS, CSRF, command injection, LFI/RFI, rate limiting, bot detection, geo-blocking, and sinkholing
• Intermediate to advanced network routing and switching knowledge with focus on DNS, TCP/IP, IPsec, TLS, GRE, OSPF, and BGP
• Proficiency in at least one scripting language (Python preferred) and familiarity with Linux/CLI tooling
• Working knowledge of public cloud environments (Azure, AWS, GCP)
• Experience with at least one SIEM platform for log analysis, behavioral analytics, and rule tuning
• Proven written and verbal communication skills, including presenting to both technical and non-technical audiences
• Proven track record of taking ownership in unstructured environments — cutting through ambiguity, making sound decisions with incomplete information, building stakeholder consensus, and delivering security improvements without waiting for top-down direction
• Industry certifications: PCNSE, PCNSC, CCNP/CCIE Security, GIAC (GWAPT, GPEN, or similar)
• Experience building metrics pipelines and KPI reporting for security operations
• Familiarity with interconnecting disparate security technologies to solve unique application and security challenges

Benefits

• 401(k) plan with matching company contributions
• Comprehensive Medical, Dental & Vision Care
• Paid parental leave at 100% of salary
• Paid Time Off and Company Holidays
• Early access to earned wages through Daily Pay

Company Overview