// Senior Network Security Engineer

Mario Sanchez

Enterprise Security & AI-Enhanced Engineering at Palo Alto Networks

Dedicated technical advisor for one of PANW's largest global SASE deployments. 8+ years combining deep PAN-OS and Prisma Access expertise with hands-on Python automation and AI-enhanced engineering workflows to protect 100,000+ users across 34 regions.

↓ Download Resume Learn More
linkedin github homelab journal

// About

Professional Summary

100K+
Users Protected
34
Global Regions
8+
Years at PANW
50+
Homelab Services

Senior Network Security Engineer with 15+ years in IT and network security, including 8+ years of customer-facing experience at Palo Alto Networks spanning Technical Support, Customer Success, and Professional Services.

Currently embedded as the dedicated technical advisor for one of PANW's largest global SASE engagements — 100,000+ users across 34+ regions on AWS, Azure, and GCP.

Combines deep PAN-OS and Prisma Access expertise with hands-on Python automation, AI-enhanced engineering workflows, and security research including OWASP Top 10 for LLMs.

// AI-Enhanced Engineering

Pioneering AI in Security Operations

Applied AI Workflows

Built and documented AI-enhanced engineering workflows using LLM tools that measurably accelerate security operations — from automated analysis to intelligent documentation generation.

5-10 hrs/week saved
  • Practices adopted company-wide across engineering teams
  • Claude Code as a force multiplier for security consulting
  • AI-powered infrastructure automation and monitoring

AI Security Research

Active research in LLM security, covering threat modeling, vulnerability assessment, and defensive strategies for AI-integrated systems.

OWASP LLM Top 10
  • AI agent workflows and security risk assessment
  • Prompt injection defense and LLM guardrails
  • Local LLM inference lab (Ollama, PyTorch on Proxmox)

AI-Powered Diagnostic Tools

Purpose-built tools that combine domain expertise with AI capabilities to accelerate troubleshooting and analysis workflows.

Production tooling
  • GlobalProtect log analyzer — automated pattern detection
  • PCAP analyzer — AI-assisted packet capture analysis
  • AI agent pipelines for infrastructure monitoring

// Experience

Career at Palo Alto Networks

December 2020 — Present

Extended Expertise Consultant (Professional Services)

Palo Alto Networks — Embedded at Fortune 500 Clients

Santa Clara, CA

  • Led global Prisma Access deployment for Fortune 500 organization — 100,000+ users across 34+ regions — serving as single technical bridge between customer leadership, PANW engineering, TAC, and partner teams with 99.9% service availability
  • Built Python automation using PAN-OS SDK and Strata Cloud Manager API that reduced DNS config management from 25-35 hours to under 1 minute across 18 global regions (2,700+ manual entries eliminated)
  • Pioneered AI-enhanced engineering workflows using LLM tools (Claude, Gemini) — saving 5-10 hours/week with practices requested by management for company-wide adoption. Evaluated data leakage risks and implemented guardrails for secure AI tool usage
  • Led GlobalProtect rollout from 2,000 to 52,000+ users (2,500 users/day peak deployment), resolving cross-platform authentication and captive portal issues
  • Engineered China tenant architecture pivot — migrated mobile users via Hong Kong/Singapore, proactively identified BGP timer misconfigurations and DNS session issues before they caused outages
  • Built enterprise Python automation tools including SCM SDK address group converter with OAuth 2.0, batch processing at 200-400 objects/min, and reusable delivery templates adopted across global PS engagements
  • Identified and remediated 4,000 disabled rules, 1,100+ unused services, 600+ unused address objects in Panorama
  • Drove early adoption of SCM cloning tool and Prisma Access proxy features, providing direct product feedback to Engineering that influenced feature prioritization
August 2019 — December 2020

Customer Success Engineer, Network Security (Prisma Access)

Palo Alto Networks

Santa Clara, CA

  • Drove 40% Prisma Access adoption across 20 enterprise clients through solutions architecture and cloud security assessments (AWS/Azure)
  • Led migration of 10,000+ L4/L7 proxy rules to NGFW explicit proxy — reduced policy conflicts 60%, boosted performance 20%
  • Designed Zero Trust architectures: secure web gateways, network segmentation, advanced packet inspection for multinational networks
  • Delivered technical presentations and quarterly business reviews to C-level stakeholders across 20 accounts, directly influencing 3 enterprise-wide security platform renewals
July 2017 — August 2019

Technical Support Engineer (Prisma Access)

Palo Alto Networks

Santa Clara, CA

  • Customer-facing support for cloud-based NGFW, Panorama, and early Prisma Access — troubleshooting routing, VPN, and security issues
  • Hardened authentication: SAML, SSO, MFA integrations (Okta, Azure AD) across AWS, Azure, and GCP
  • Collaborated with engineering on complex escalations, contributing field insights to product development
March 2015 — July 2017

Network Support Engineer (Tier 2)

Aeris Communications

Santa Clara, CA

  • Diagnosed and remediated network security issues in site-to-site IPsec VPNs using Wireshark and packet capture analysis
  • Analyzed TCP/UDP, DHCP, and DNS traffic to identify and resolve vulnerabilities in enterprise production environments
  • Deployed and configured VPN appliances (ASA 5500, AnyConnect, Cisco 4451) and monitored enterprise production networks
January 2010 — March 2015

IT Consultant

eFX-Computer

San Leandro, CA

  • Provided technical support and deployed network solutions for small businesses, including Windows/Linux servers and virtualization (Hyper-V)

// Skills

Technical Expertise

Security & Networking

Prisma Access (SASE/SSE) PAN-OS NGFW Panorama GlobalProtect / ZTNA 2.0 Strata Cloud Manager Zero Trust Architecture

Cloud & SASE Infrastructure

AWS (SASE deployments) Azure (SASE deployments) GCP (SASE deployments) Multi-cloud networking

Automation & Development

Python (PAN-OS SDK, SCM SDK) Ansible / Docker Compose REST API Automation OAuth 2.0 CI/CD (Semaphore)

AI/ML Security & Automation

LLM Security (OWASP Top 10) Prompt Injection / Data Leakage LLM Inference (Ollama/PyTorch) AI Agent Workflows AI Security Risk Assessment

Infrastructure

Docker / Proxmox / LXC Linux (Debian/Ubuntu) Graylog / OpenSearch Wazuh XDR Prometheus / Grafana

// Projects

What I Build

AI-Integrated Security Lab

2023 — Present

50+ service security research environment across a 4-node Proxmox cluster with PA-440 NGFW (PAN-OS 11.2) and defense-in-depth across 6 VLANs. Local LLM inference, AI agent pipelines, OWASP Top 10 LLM threat testing. Ansible-driven IaC, Docker orchestration, Semaphore CI/CD, centralized SIEM (Graylog + OpenSearch), XDR (Wazuh), and Prometheus/Grafana observability.

Read the build logs →

Prisma Access DNS Automation

2025

Python automation for DNS config management across 18 global Prisma Access regions — 150 internal domains simultaneously. Reduced deployment from 25-35 hours to under 1 minute (99.9% reduction), eliminating 2,700+ manual entries.

SCM Address Group Converter

2025

Enterprise Python tool using Strata Cloud Manager SDK to convert static address groups to dynamic tag-based groups at scale. OAuth 2.0 auth, intelligent batch processing (200-400 objects/min), comprehensive backup/rollback, exponential backoff retry logic.

View on GitHub →

Troubleshooting Tools

2025

AI-powered diagnostic utilities including a GlobalProtect log analyzer for automated pattern detection and a PCAP analyzer for AI-assisted packet capture analysis. Built to accelerate security troubleshooting workflows.

// Certifications

Credentials

// Education

Education

AA Network Administration — Information Technology

Mission College — Santa Clara, CA — 2015