Skip to content
ZooxZooxFoster City, CA

Network Security Engineer

Network Security Engineer designing, implementing, and operating secure hybrid/multi-cloud network architectures, next-gen firewalls, ZTNA/VPN, and automation (Terraform/Python) across enterprise, OT, and cloud environments (AWS/GCP). Requires 6+ years experience in network security, firewalls, cloud security, IaC, and compliance (NIST, ISO).

181k – 218k/yr
Hybrid6+ YOESecurity Engineering

About the role

Responsibilities

  • Design, implement, and maintain secure hybrid/multi-cloud network architectures (AWS/GCP, CloudWAN); enforce zero-trust access controls and network segmentation across corporate, data center, lab, and edge environments; develop and maintain related policies, standards, and architecture diagrams.
  • Own and operate next-generation firewall platforms (Palo Alto Networks, Fortinet), managing policy architecture, segmentation, NAT, URL filtering, SSL/TLS decryption, and threat prevention tuning.
  • Architect, operate, and own the lifecycle of secure remote access solutions (VPN, ZTNA, site-to-site tunnels), ensuring high availability, certificate-based authentication, and integration with identity providers (SAML, Entra ID).
  • Drive automation and Infrastructure-as-Code (IaC) using Terraform, Python, CI/CD, and REST APIs for configuration management, firewall policies, and security baselines; integrate LLM-based tools to streamline operational tasks and reduce manual toil.
  • Oversee security operations including 24/7 network security monitoring, traffic analysis, threat detection, vulnerability assessments, and remediation; support compliance requirements by conducting security reviews for new projects and infrastructure changes.
  • Drive 802.1X/certificate-based Network Access Control (NAC) initiatives across wired and wireless environments.
  • Collaborate with team members and contribute to cross-functional security initiatives with Product Security, SRE, IT, and Software Engineering teams.

Requirements

  • 6+ years of network security engineering experience securing enterprise, cloud, and OT/lab environments.
  • Deep, hands-on expertise in next-gen firewalls (Palo Alto, Fortinet), AWS NFW, WAFs, IDS/IPS, NAC/802.1X, PKI, VPN, and ZTNA solutions (Zscaler, Netskope, Prisma Access, or equivalent).
  • Strong understanding of core network protocols (TCP/IP, BGP, OSPF, VLAN, 802.1X, TLS/PKI) and cloud networking security principles (AWS, GCP, or Azure).
  • Hands-on experience with IaC and automation tooling including Terraform, Python, CI/CD pipelines, and REST APIs.
  • Experience with network security monitoring, threat detection, and security operations tooling (SIEM, IDS/IPS, vulnerability management platforms), including integration with network controls.
  • Proven experience supporting major compliance initiatives (NIST 800-53, CSF 2.0, ISO 27001), including control implementation and evidence collection.

Nice-to-Haves

  • Experience in autonomous vehicle, robotics, IT/OT or automotive environments.
  • Certifications: PCNSE, AWS Security Specialty, CCNA.
  • Experience experimenting with or deploying AI/ML-based security capabilities (e.g., anomaly detection, behavioral analytics, LLM-driven copilots) in network or cloud security workflows.

Skills

Palo Alto NetworksFortinetTerraformPythonAWSGCPZtnaVpnNac802.1XPkiSIEMIds/IpsNist 800-53ISO 27001
Chime

Senior Offensive Security Engineer

ChimeSan Francisco, CA

Leads offensive security program by conducting red team exercises, developing custom exploits, and emulating adversaries to identify weaknesses in web apps, cloud platforms, and Kubernetes infrastructure. Requires 4+ years in offensive security or red teaming with strong cloud attack experience.

181k – 250k/yr
Hybrid4+ YOESecurity Engineering
Postman

Senior GRC Engineer

PostmanSan Francisco, CA

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k/yr
On-site6+ YOESecurity Engineering
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k/yr
Remote5+ YOESecurity Engineering
Temporal

Senior Security Engineer, GRC

TemporalUnited States

Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.

180k – 225k/yr
Remote8+ YOESecurity Engineering
Kaizen Labs

Senior Security Engineer

Kaizen LabsNew York, NY

Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.

180k – 220k/yr
Hybrid5+ YOESecurity Engineering