# Network Security Engineer
**Company:** [Kargo](https://hotfix.jobs/companies/kargo)
**Location:** San Francisco, CA
**Experience:** 3+ years
**Skills:** Network Security, TCP/IP, DNS, Dhcp, Vpn, Routing, Switching, Firewalls, AWS, GCP, Vulnerability Management, Endpoint Protection, SOC 2, ISO 27001, Nist
**Posted:** 2026-06-24
> Design and implement secure network architectures across cloud, on-premise, and edge/IoT environments. Configure firewalls, VPNs, and manage security operations, incident response, and compliance initiatives.
## Job Description
## Responsibilities

### Network Security Architecture & Engineering
- Design and implement secure network architectures across cloud, on-premise, and edge/IoT environments.
- Configure and maintain firewalls, VPNs, network segmentation, NAC, and secure remote access solutions.
- Evaluate and deploy new security technologies and controls.

### Security Operations & Incident Response
- Monitor network activity and security alerts.
- Investigate suspicious activity, security events, and potential breaches.
- Lead containment, remediation, and post-incident reviews.

### Vulnerability Management & Risk Reduction
- Oversee vulnerability assessments, penetration testing, and security reviews.
- Prioritize and remediate identified risks and security gaps.
- Maintain security hardening standards and best practices.

### Cloud & Infrastructure Security
- Secure cloud infrastructure, network connectivity, and identity/access controls.
- Partner with Infrastructure and Engineering teams to embed security into deployments and operations.
- Support secure scaling of systems, services, and environments.

### IoT/Edge Networking/Security
- Implement zero-touch provisioning and secure identity management for edge hardware to ensure fleet integrity.
- Architect secure, low-latency remote access and mesh VPN solutions for intra-fleet communication, field support and fleet maintenance.
- Work with customers for networking integration.

### Governance, Compliance & Security Enablement
- Support compliance initiatives (SOC 2, ISO 27001, NIST, etc.).
- Develop security policies, standards, and documentation.
- Provide security guidance and training to internal teams.

## Requirements
- 3+ years of experience in network security, cybersecurity engineering, or infrastructure security roles.
- Strong knowledge of networking protocols and technologies including TCP/IP, DNS, DHCP, VPN, routing, and switching.
- Hands-on experience with security technologies such as firewalls, endpoint protection, and vulnerability management tools.
- Experience securing cloud environments such as AWS or Google Cloud Platform.
- Bachelor's degree in Computer Science, Cybersecurity, Information Security, Computer Engineering, or a related technical field.

## Nice-to-Haves
- Hands-on experience with software defined mesh VPN systems like WireGuard, Tailscale, etc.
- Familiarity with security frameworks and compliance standards such as SOC 2.
- Strong incident response, threat detection, and security troubleshooting skills.
- Relevant certifications such as CISSP, CCNP Security, Security+, GSEC, or equivalent.
**Apply:** https://hotfix.jobs/jobs/network-security-engineer-at-kargo-9214b95b-2b63-48e0-807b-7fed8919d360
**Canonical:** https://hotfix.jobs/jobs/network-security-engineer-at-kargo-9214b95b-2b63-48e0-807b-7fed8919d360