Lead Network Engineer, Core42 – United States

About Us:

Core42, a leader in AI-powered cloud and digital infrastructure, is driving transformative technology solutions globally. Leveraging advanced resources and partnerships, Core42 empowers clients to harness sovereign AI infrastructure, especially in sectors with stringent regulatory needs. With a mission to redefine digital transformation, we combine sovereign capabilities with scalable, high-performance compute infrastructure, positioning itself at the forefront of AI innovation in the Middle East and beyond.

The opportunity:

We are seeking an experienced Lead Network Engineer with expertise in Palo Alto Networks firewalls to design, implement, secure, and operate network infrastructure supporting large-scale AI, GPUaaS, HPC, and cloud environments.
This role will focus heavily on firewall policy design, Palo Alto firewall administration, Panorama management, secure traffic routing, network segmentation, threat prevention, logging, and compliance-driven network controls. The Senior Network Engineer will work closely with infrastructure, security, and operations teams to ensure highly available, secure, and scalable network services across datacenter and multi-site environments.

Responsibilities:

•    Design, implement, and manage Palo Alto Networks firewall policies to control, inspect, and secure traffic across enterprise, datacenter, cloud, and GPUaaS environments.
•    Administer Palo Alto firewalls using Panorama, including device groups, templates, template stacks, policy objects, address groups, application groups, shared policies, and centralized configuration management.
•    Build and maintain security policies using App-ID, User-ID, Content-ID, URL filtering, threat prevention, wildfire analysis, DNS security, antivirus, anti-spyware, vulnerability protection, and decryption policies where applicable.
•    Develop and enforce secure network segmentation strategies for multi-tenant environments, including tenant isolation, management-plane separation, production/non-production separation, and restricted administrative access.
•    Configure and troubleshoot firewall networking features including zones, virtual routers, NAT, security policies, policy-based forwarding, GlobalProtect, site-to-site VPNs, IPSec tunnels, and high-availability firewall pairs.
•    Deploy, validate, and support datacenter network infrastructure including front-end fabrics, back-end fabrics, management networks, out-of-band networks, and secure connectivity into AI/HPC environments.
•    Partner with security teams to align firewall configurations with enterprise security standards, audit requirements, zero trust principles, and compliance objectives.
•    Perform firewall rule reviews, policy cleanup, risk analysis, object normalization, and lifecycle management to reduce technical debt and improve security posture.
•    Analyze firewall logs, traffic flows, packet captures, threat logs, system logs, and application usage data to troubleshoot connectivity issues and identify security anomalies.
•    Support routing and network integration involving BGP, OSPF, static routing, VRFs, VLANs, MPLS, VXLAN/EVPN, NAT, and routed firewall deployments.
•    Implement monitoring, alerting, and logging for firewall health, traffic patterns, blocked traffic, policy hits, VPN status, HA status, and security events.
•    Document network architecture, firewall policy standards, traffic flows, segmentation models, escalation procedures, and change management processes.
•    Participate in incident response activities involving firewall logs, network containment, traffic analysis, emergency policy changes, and post-incident reviews.
•    Collaborate with engineering, operations, security, and platform teams to ensure network and firewall designs meet performance, resiliency, security, and scalability requirements.
•    Assist with automation efforts using tools such as Ansible, Python, Terraform, REST APIs, or Palo Alto XML/API integrations to standardize firewall policy deployment and operational workflows.

Qualifications:

•    10+ years of hands-on network engineering experience in enterprise, datacenter, cloud, service provider, HPC, or large-scale infrastructure environments.
•    5+ years of hands-on firewall administration experience, with strong preference for Palo Alto Networks firewalls.
•    Deep working knowledge of Palo Alto PAN-OS, Panorama, security policy management, NAT, zones, virtual routers, HA, VPNs, threat prevention, URL filtering, and logging.
•    Strong understanding of firewall policy design, including least-privilege access, application-based rules, zone-based segmentation, policy ordering, cleanup rules, and object management.
•    Experience supporting high-availability firewall deployments, firewall upgrades, content updates, certificate management, and production change control.
•    Strong networking fundamentals, including TCP/IP, BGP, OSPF, VRFs, VLANs, MPLS, NAT, DNS, DHCP, IPsec, routing, switching, and packet analysis.
•    Experience troubleshooting complex network and firewall issues using tools such as Panorama logs, Palo Alto CLI, packet captures, Wireshark, NetFlow, SNMP, syslog, and SIEM platforms.
•    Experience with secure datacenter networking, cloud connectivity, hybrid environments, and multi-site network designs.
•    Ability to translate application, security, and business requirements into secure network and firewall policy designs.
•    Experience creating and maintaining technical documentation, network diagrams, firewall rule documentation, traffic-flow diagrams, and operational runbooks.
•    Strong communication skills with the ability to work across network, security, infrastructure, application, and leadership teams.

Preferred skills / qualifications

•    Experience in GPUaaS, HPC, AI infrastructure, large-scale cloud, or high-performance datacenter environments.
•    Experience with zero trust architecture, microsegmentation, tenant isolation, and compliance-driven network security controls.
•    Familiarity with network automation using Ansible, Python, Terraform, Git, CI/CD workflows, or Palo Alto APIs.
•    Experience with load balancers, proxy platforms, IDS/IPS systems, DDoS protection, and enterprise monitoring platforms.
•    Relevant certifications such as PCNSE, PCNSA, CCNP Security, CCNP Enterprise, JNCIP, CISSP, or equivalent.

The U.S. base salary range for this full-time role is $133,200 to $199,800, with bonus, LTIP and benefits on top. Salary ranges are set according to the role, level, and location. The range listed on each job posting represents the minimum and maximum target salary for new hires across all U.S. locations. Actual pay within this range will depend on factors such as the specific work location, job-related skills, experience and relevant education or training.