Network Security Engineer designing, implementing, and operating secure hybrid/multi-cloud network architectures, next-gen firewalls, ZTNA/VPN, and automation (Terraform/Python) across enterprise, OT, and cloud environments (AWS/GCP). Requires 6+ years experience in network security, firewalls, cloud security, IaC, and compliance (NIST, ISO).
181k – 218k/yr
Hybrid6+ YOESecurity Engineering
About the role
Responsibilities
Design, implement, and maintain secure hybrid/multi-cloud network architectures (AWS/GCP, CloudWAN); enforce zero-trust access controls and network segmentation across corporate, data center, lab, and edge environments; develop and maintain related policies, standards, and architecture diagrams.
Own and operate next-generation firewall platforms (Palo Alto Networks, Fortinet), managing policy architecture, segmentation, NAT, URL filtering, SSL/TLS decryption, and threat prevention tuning.
Architect, operate, and own the lifecycle of secure remote access solutions (VPN, ZTNA, site-to-site tunnels), ensuring high availability, certificate-based authentication, and integration with identity providers (SAML, Entra ID).
Drive automation and Infrastructure-as-Code (IaC) using Terraform, Python, CI/CD, and REST APIs for configuration management, firewall policies, and security baselines; integrate LLM-based tools to streamline operational tasks and reduce manual toil.
Oversee security operations including 24/7 network security monitoring, traffic analysis, threat detection, vulnerability assessments, and remediation; support compliance requirements by conducting security reviews for new projects and infrastructure changes.
Drive 802.1X/certificate-based Network Access Control (NAC) initiatives across wired and wireless environments.
Collaborate with team members and contribute to cross-functional security initiatives with Product Security, SRE, IT, and Software Engineering teams.
Requirements
6+ years of network security engineering experience securing enterprise, cloud, and OT/lab environments.
Deep, hands-on expertise in next-gen firewalls (Palo Alto, Fortinet), AWS NFW, WAFs, IDS/IPS, NAC/802.1X, PKI, VPN, and ZTNA solutions (Zscaler, Netskope, Prisma Access, or equivalent).
Strong understanding of core network protocols (TCP/IP, BGP, OSPF, VLAN, 802.1X, TLS/PKI) and cloud networking security principles (AWS, GCP, or Azure).
Hands-on experience with IaC and automation tooling including Terraform, Python, CI/CD pipelines, and REST APIs.
Experience with network security monitoring, threat detection, and security operations tooling (SIEM, IDS/IPS, vulnerability management platforms), including integration with network controls.
Proven experience supporting major compliance initiatives (NIST 800-53, CSF 2.0, ISO 27001), including control implementation and evidence collection.
Nice-to-Haves
Experience in autonomous vehicle, robotics, IT/OT or automotive environments.
Leads offensive security program by conducting red team exercises, developing custom exploits, and emulating adversaries to identify weaknesses in web apps, cloud platforms, and Kubernetes infrastructure. Requires 4+ years in offensive security or red teaming with strong cloud attack experience.
181k – 250k/yr
Hybrid4+ YOESecurity Engineering
Senior GRC Engineer
PostmanSan Francisco, CA
Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.
180k – 200k/yr
On-site6+ YOESecurity Engineering
Senior Application Security Engineer
MonarchUnited States
Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.
180k – 215k/yr
Remote5+ YOESecurity Engineering
Senior Security Engineer, GRC
TemporalUnited States
Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.
180k – 225k/yr
Remote8+ YOESecurity Engineering
Senior Security Engineer
Kaizen LabsNew York, NY
Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.