Job Description

Prisma Access SME


Client - Davita Inc.


Location - Remote


Rate - give us your best rate


Duration - 8 weeks

Notes - Hi everyone, I have learned that this role is truly looking for a SME level individual that can consult a business stakeholder directly and this stakeholder knows a few things about Prisma as well. That includes understanding the needs and be able able to have a dialog about the pro's and con's of configuration with an outcome based approach and being able to still be hands on with engineers.

Responsibilities


Prisma Access SME


Define alpha, beta, and general release plan for onboarding users.


- Confirm GlobalProtect as the primary onboarding method for SWG, with PAC file


fallback for specific use cases.


- Document clients internal processes for GP deployment (e.g., Intune, Company


Portal).


- Define PAC file logic for edge cases where GlobalProtect is not feasible.


- Establish timeline.


§ Policy Planning


- Map Cisco Umbrella access rules to Prisma Access SWG categories.


- Identify custom categories and exceptions for re-creation in Prisma.


§ User Identity Planning


- Confirm availability and structure of user identity sources (e.g., AD, SAML).


- Define group-based policy logic for identity-based web filtering.


§ Testing & Validation Planning


- Develop test cases for foundational SWG functionality and proxy enforcement.


- Define success criteria for pre-change-freeze pilot and post-freeze production rollout.


PAN Prisma Access Implementation| August 2025


Internal Request # R-00921607 v5.3


§ Tenant and Infrastructure Design


- Configure SWG tenant, portal, and SPNs per Palo Alto Networks best practices.


- Prioritize GlobalProtect for traffic steering; design PAC file logic for fallback.


- Align foundational SWG setup with prior Cisco Umbrella architecture to minimize


disruption.


§ Policy Design


- Translate Cisco Umbrella policies to Prisma URL Filtering and security categories.


- Stage advanced features (Threat Prevention, WildFire) for activation after the


foundational rollout.


- Define default actions, allowed categories, and exceptions for launch.


§ Foundational SWG Setup


- Enable Prisma Access SWG in Panorama.


- Deploy core URL filtering policies, logging, and user access enforcement.


- Configure and test GlobalProtect traffic steering.


- Implement PAC file logic and validate fallback paths for edge use cases.


- Onboard Alpha and Beta user groups; validate policy and proxy function.


§ Staged Feature Activation


- Enable Threat Prevention and WildFire post-change freeze.


- Validate advanced policy enforcement and threat visibility.


- Finalize General Availability rollout and tune as needed.


§ User Onboarding and Handoff


- Provide knowledge transfer for clients IT team to support continued rollout and


management.


- Address any escalated onboarding issues and policy tuning post-activation


World Wide Technology is an Equal Opportunity Employer. We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for AllPrisma Access SME


Define alpha, beta, and general release plan for onboarding users.


- Confirm GlobalProtect as the primary onboarding method for SWG, with PAC file


fallback for specific use cases.


- Document clients internal processes for GP deployment (e.g., Intune, Company


Portal).


- Define PAC file logic for edge cases where GlobalProtect is not feasible.


- Establish timeline.


§ Policy Planning


- Map Cisco Umbrella access rules to Prisma Access SWG categories.


- Identify custom categories and exceptions for re-creation in Prisma.


§ User Identity Planning


- Confirm availability and structure of user identity sources (e.g., AD, SAML).


- Define group-based policy logic for identity-based web filtering.


§ Testing & Validation Planning


- Develop test cases for foundational SWG functionality and proxy enforcement.


- Define success criteria for pre-change-freeze pilot and post-freeze production rollout.


PAN Prisma Access Implementation| August 2025


Internal Request # R-00921607 v5.3


§ Tenant and Infrastructure Design


- Configure SWG tenant, portal, and SPNs per Palo Alto Networks best practices.


- Prioritize GlobalProtect for traffic steering; design PAC file logic for fallback.


- Align foundational SWG setup with prior Cisco Umbrella architecture to minimize


disruption.


§ Policy Design


- Translate Cisco Umbrella policies to Prisma URL Filtering and security categories.


- Stage advanced features (Threat Prevention, WildFire) for activation after the


foundational rollout.


- Define default actions, allowed categories, and exceptions for launch.


§ Foundational SWG Setup


- Enable Prisma Access SWG in Panorama.


- Deploy core URL filtering policies, logging, and user access enforcement.


- Configure and test GlobalProtect traffic steering.


- Implement PAC file logic and validate fallback paths for edge use cases.


- Onboard Alpha and Beta user groups; validate policy and proxy function.


§ Staged Feature Activation


- Enable Threat Prevention and WildFire post-change freeze.


- Validate advanced policy enforcement and threat visibility.


- Finalize General Availability rollout and tune as needed.


§ User Onboarding and Handoff


- Provide knowledge transfer for clients IT team to support continued rollout and


management.

Job Tags

Remote work

Similar Jobs