Job Description :
Title: Cloud Network Security Architect Location: Remote Duration: 6 -12 Months contract Special Notes: MUST HAVE (Virtual Firewalls, PAN Flex, Aviatrix) Candidate must have atleast 15+ years of working experience Description Client is seeking a highly skilled Cloud Network Security Consultant to lead the deployment and configuration of multiple virtual firewalls, while also supporting application separation between production and non-production environments. The ideal candidate will help design a scalable, cost-efficient, and highly available solution capable of supporting up to 40TB/sec aggregate traffic across AWS, Azure, and GCP. This role requires deep expertise in Palo Alto Networks (PAN) VM-Series with Flex licensing, Aviatrix-based cloud networking architectures, and strong understanding of cloud-native design patterns for security, performance, and resilience. Key Responsibilities: Lead the deployment and configuration of multiple PAN VM-Series firewalls using Flex licensing models. Implement and optimize Aviatrix-based cloud network backbone across AWS, Azure, and GCP. Design and advise on application separation strategies between production and non-production environments using firewalls, route segmentation, and policy-based control. Analyze and balance traffic performance, cost optimization, and high availability requirements for a multi-cloud environment with very high data throughput (40TB/sec Evaluate and present trade-offs between Aviatrix and Palo Alto Flex VM architectures, including technical, operational, and cost implications. Assist internal teams with PoC deployments, performance testing, and integration strategies. Document the recommended architecture, deployment plans, and operational guidance. Required Qualifications 5+ years of experience in cloud network engineering or security architecture. Proven track record deploying PAN VM-Series Firewalls managed by Panorama using Flex licensing models. Experience designing and implementing Aviatrix Transit Network (including CoPilot, Spoke, and FireNet) in production environments. Deep knowledge of multi-cloud networking concepts, including: Inter-region and inter-cloud routing AWS cloud WAN, GCP NCC, Azure virtual WAN design & cost modeling expertise Encryption, segmentation, and policy enforcement High availability and failover strategies.