Network Security Engineer Specialist

Job Description

This position is not eligible for visa sponsorship, now or in the future. Candidates must be a US Citizen or Green Card Holder

This position is hybrid 3 days per week in either our Cincinnati, OH or Atlanta, GA office

Are you ready to write your next chapter?

Make your mark at one of the biggest names in payments. We're looking for a Network Security Engineer Specialist to join our ever-evolving Edge&Network Security team and help us unleash the potential of every business.

This role strengthens and evolves our secure access and network security platforms across a global enterprise environment. This is a hands-on technical leadership role focused primarily on Secure Web Gateway (SWG), Proxy, SASE, Secure Access, and related network security controls, with responsibility for IPS/IDS and firewall-adjacent security capabilities.

Our core platforms include Zscaler (ZIA / ZPA) and Palo Alto Networks technologies, including Panorama, on-prem NGFW, cloud NGFW, Threat Prevention, and Prisma Access.

This role supports approximately 30,000 users globally across the US, UK, and APAC, operating in a full proxy environment with selective private access, including broad SSL inspection coverage. You will lead engineering and delivery efforts, improve service reliability, mentor other engineers, and act as a technical escalation point during high-severity incidents.

This is an engineering-first role, with approximately 80% of time focused on design, implementation, tuning, and operational improvement, and approximately 20% supporting incident mitigation and high-severity response.

On-Call Expectations: Participate in a rotating on-call schedule for incidents. Act as a senior escalation point for major issues affecting secure access, proxy, SASE, or related network security services. Contribute to post-incident analysis and ensure durable corrective actions are implemented. Participate in readiness activities, operational reviews, and resilience improvements for critical control-plane services.

What you'll own as the Network Security Engineer Specialist

• Lead engineering and continuous improvement for SWG, Proxy, SASE, Secure Access, and IPS/IDS across a global enterprise environment.

• Administer and harden Zscaler (ZIA/ZPA) and Palo Alto platforms, including Panorama, Prisma Access, NGFW, and Threat Prevention.

• Design and maintain scalable security policies for internet access, private application access, SSL inspection, traffic steering, and threat prevention.

• Drive high-quality changes through safe rollout planning, validation, rollback readiness, and post-change review.

• Improve platform reliability, policy quality, and user experience through standardization, tuning, and operational improvements.

• Serve as a technical lead and escalation point for complex issues, high-risk changes, and high-severity incidents.

• Mentor other engineers, review work, and help establish best practices, standards, and runbooks.

• Partner with SOC/IR, Network Operations, infrastructure, application teams, and vendors to deliver secure and reliable services.

• Improve logging, telemetry, SIEM integration, and operational visibility while reducing noise and strengthening control effectiveness.

• Track and improve key measures such as policy accuracy, false positives, service reliability, change success, and time to mitigation.

• Lead vendor escalations and hold partners accountable for response quality, root cause depth, and durable resolution.

What you'll bring

• Bachelor's degree in a related field and 7+ years of experience, or equivalent practical experience.

• Experience in network security or security engineering roles.

• Strong hands-on experience with SWG, Proxy, SASE, or Secure Access in enterprise environments.

• Strong knowledge of Zscaler ZIA/ZPA and Palo Alto technologies including Panorama, NGFW, Threat Prevention, and Prisma Access.

• Experience with proxy policy, SSL inspection, traffic steering, secure access, threat prevention, and user access troubleshooting.

• Strong networking and security fundamentals including TCP/IP, TLS, DNS, routing, NAT, certificates, and zero trust.

• Experience in large-scale global environments and ability to serve as a senior escalation point during major incidents.

• Proven ability to mentor engineers, review work, and communicate effectively across teams.

It's a bonus if you have

• Experience with IPS/IDS tuning and false-positive reduction.

• Experience with Prisma Access, cloud NGFW, or hybrid architectures.

• Familiarity with Terraform, Python, CI/CD, or automation for security platforms.

• Exposure to WAF technologies (Akamai, Cloudflare, or F5 Distributed Cloud), regulated environments, or relevant certifications such as PCNSE or Zscaler.

About the team

To learn more about our winning teams, check out our world-class teams that own it every day.

What makes a Worldpayer

What makes a Worldpayer? It's simple: Think, Act, Win. We stay curious, always asking the right questions and finding creative solutions to simplify the complex. We're dynamic, every Worldpayer is empowered to make the right decisions for their customers. And we're determined, always staying open and winning and failing as one.

Does this sound like you? Then you sound like a Worldpayer. Apply now to write the next chapter in your career.

#LI-AD1

EEOC Statement

Worldpay is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here.

If you are made a conditional offer of employment and will be working in the United States, you will be required to undergo a drug test. In developing this job description care was taken to include all competencies and requirements needed to successfully perform the position. Reasonable accommodations will be provided for individuals with qualified disabilities both during the hiring process, as well as to allow the individual to perform the essential functions of the job, if hired.