IS3 Solutions
Job Summary:
We are seeking a highly skilled Prisma Cloud Security Engineer to enhance our cloud security posture using Palo Alto Networks Prisma Cloud. The ideal candidate will have deep expertise in Prisma Cloud, including policy creation, compliance enforcement, and risk mitigation. The candidate should have experience with threat detection, and vulnerability scanning and management across multi-cloud environments (AWS, Azure, GCP). Additionally, strong proficiency in RQL (Resource Query Language) is required to effectively analyze cloud security risks, identify misconfigurations, and ensure compliance with industry standards.
Key Responsibilities:
1. Prisma Cloud Administration & Security Oversight
Monitor cloud security risks, misconfigurations, and vulnerabilities in AWS, Azure, and GCP environments. 2. RQL Query Development & Security Analytics
Utilize Resource Query Language (RQL) to create and run queries for identifying cloud security risks. Develop custom RQL queries to detect misconfigurations, excessive permissions, and security threats. Automate security reporting and dashboarding using Prisma Cloud RQL queries. Analyze RQL query results to generate insights for remediation and compliance tracking. Create a custom script to capture as much cryptographic information as possible from Prisma Cloud or other tooling Run custom RQL queries and fetch alerts for select policies to identify various resource configurations relating to encryption (data-in-transit/data-at-rest) such as: Identify resources that are using insecure cryptography configurations (i.e. databases, blob storage, volumes, network and application endpoints) by fetching alerts for select policies and/or custom RQL policies Identify PKI details by retrieving certificate details in CSP certificate management services (i.e. AWS Certificate Manager, Azure Key Vault) by fetching alerts for select policies and/or custom RQL queries Run a SSL/TLS scanner (i.e. sslscan) to scan TLS based servers and collect X.509 certificates, ciphers and related information. Qualifications & Skills:
Required:
2+ years of hands-on experience with Palo Alto Networks Prisma Cloud in an enterprise environment. Strong expertise in writing and optimizing RQL queries for security and compliance insights. Deep understanding of cloud security best practices, cloud-native security controls, and identity & access management (IAM). Experience securing multi-cloud environments (AWS, Azure, GCP). Proficiency in security frameworks (CIS, NIST, ISO 27001, SOC 2, PCI-DSS). Familiarity with Infrastructure as Code (IaC) security (Terraform, CloudFormation). Hands-on experience with CI/CD security integration. Knowledge of container security (Kubernetes, Docker) and serverless security principles. Preferred: Palo Alto Networks certifications (e.g., PCSAE - Prisma Certified Cloud Security Engineer). Experience integrating Prisma Cloud with SIEM/SOAR solutions. Scripting and automation skills using Python, Bash, or PowerShell. Knowledge of SOC operations and incident response in cloud environments. Experience with security tools like AWS Security Hub, Azure Security Center, GCP Security Command Center.
We are seeking a highly skilled Prisma Cloud Security Engineer to enhance our cloud security posture using Palo Alto Networks Prisma Cloud. The ideal candidate will have deep expertise in Prisma Cloud, including policy creation, compliance enforcement, and risk mitigation. The candidate should have experience with threat detection, and vulnerability scanning and management across multi-cloud environments (AWS, Azure, GCP). Additionally, strong proficiency in RQL (Resource Query Language) is required to effectively analyze cloud security risks, identify misconfigurations, and ensure compliance with industry standards.
Key Responsibilities:
1. Prisma Cloud Administration & Security Oversight
Monitor cloud security risks, misconfigurations, and vulnerabilities in AWS, Azure, and GCP environments. 2. RQL Query Development & Security Analytics
Utilize Resource Query Language (RQL) to create and run queries for identifying cloud security risks. Develop custom RQL queries to detect misconfigurations, excessive permissions, and security threats. Automate security reporting and dashboarding using Prisma Cloud RQL queries. Analyze RQL query results to generate insights for remediation and compliance tracking. Create a custom script to capture as much cryptographic information as possible from Prisma Cloud or other tooling Run custom RQL queries and fetch alerts for select policies to identify various resource configurations relating to encryption (data-in-transit/data-at-rest) such as: Identify resources that are using insecure cryptography configurations (i.e. databases, blob storage, volumes, network and application endpoints) by fetching alerts for select policies and/or custom RQL policies Identify PKI details by retrieving certificate details in CSP certificate management services (i.e. AWS Certificate Manager, Azure Key Vault) by fetching alerts for select policies and/or custom RQL queries Run a SSL/TLS scanner (i.e. sslscan) to scan TLS based servers and collect X.509 certificates, ciphers and related information. Qualifications & Skills:
Required:
2+ years of hands-on experience with Palo Alto Networks Prisma Cloud in an enterprise environment. Strong expertise in writing and optimizing RQL queries for security and compliance insights. Deep understanding of cloud security best practices, cloud-native security controls, and identity & access management (IAM). Experience securing multi-cloud environments (AWS, Azure, GCP). Proficiency in security frameworks (CIS, NIST, ISO 27001, SOC 2, PCI-DSS). Familiarity with Infrastructure as Code (IaC) security (Terraform, CloudFormation). Hands-on experience with CI/CD security integration. Knowledge of container security (Kubernetes, Docker) and serverless security principles. Preferred: Palo Alto Networks certifications (e.g., PCSAE - Prisma Certified Cloud Security Engineer). Experience integrating Prisma Cloud with SIEM/SOAR solutions. Scripting and automation skills using Python, Bash, or PowerShell. Knowledge of SOC operations and incident response in cloud environments. Experience with security tools like AWS Security Hub, Azure Security Center, GCP Security Command Center.