Network Security Engineer - Remote

Job Summary

The Network Security Engineer is a key member of our Cybersecurity team, working closely with our Network Engineering, Cloud, and Security Operations groups to safeguard the organization’s hybrid infrastructure. Reporting to the IT Security Manager, this role plays an essential part in designing and improving the network security controls that protect our on‑premises, cloud, and containerized environments.

The Network Security Engineer is a key member of our Cybersecurity team, working closely with our Network Engineering, Cloud, and Security Operations groups to safeguard the organization’s hybrid infrastructure. Reporting to the IT Security Manager, this role plays an essential part in designing and improving the network security controls that protect our on‑premises, cloud, and containerized environments.

A typical day in this role includes partnering with network engineers to review and strengthen our network security posture and segmentation strategies, collaborating with cloud teams on secure connectivity and access patterns, evaluating network telemetry with our SIEM engineer to ensure proper coverage and alerting for our SOC, and participating in architecture discussions to ensure that network security is built into new initiatives from the start.

The engineer will spend time reviewing configurations, developing recommendations for network security improvement, and leading ongoing projects aimed at maturing our networking defenses across data centers, cloud platforms, and production environments.

This role may require occasional travel and on‑site collaboration for annual planning sessions or major incident response activities. As part of an evolving and highly collaborative security program, the Network Security Engineer adds significant value by shaping secure network architecture, strengthening detection capabilities, reducing attack surface across the enterprise, and helping the business maintain a resilient, reliable, and secure technology ecosystem.

• Access to a reliable and secure high‑speed internet connection. Cable or fiber internet connections (at least mbps download/mbps upload) are preferred, as satellite connections often cannot support the technologies used to perform day‑to‑day tasks.
• Access to a home router and modem.
• A dedicated home office space that is noise‑ and distraction‑free. The space should have strong wireless connection or a wired Ethernet connection (wired connection is preferred, if possible).
• A valid, physical address (apartment, suite, etc.). PO Boxes are not supported, as a physical address is required for you to receive your computer equipment.
• The desire and ability to work and communicate with other team members via chat, webcam, etc.
• Legal residents of one of the following states: (AK, AL, AR, AZ, CT, DE, FL, GA, IA, , IN, KS, KY, LA, MD, ME, MI, MN, MO, MS, NC, ND, NH, NM, NV, OH, OK, PA, SC, SD, TN, TX, UT, VA, VT, WI, WV, and WY).

We only accept W‑2 candidates, H‑1B sponsorship is not available.

• Own the design and implementation of network security controls across on‑premises, cloud, and containerized environments, ensuring that segmentation, access controls, and monitoring capabilities align with enterprise security standards and business needs.
• Serve as the primary security partner to the Network Engineering and Cloud teams
  , providing expert guidance on secure architectures, connectivity models, and risk mitigation strategies. This includes influencing design decisions and ensuring security is embedded into new and existing infrastructure.
• Lead initiatives that strengthen network security posture
  , such as segmenting critical systems, securing DMZ and public‑facing zones, improving container network controls, and maturing detection and logging across hybrid environments.
• Act as a key contributor to the organization’s threat detection strategy by ensuring appropriate network telemetry is collected, normalized, and integrated into the SIEM. Work closely with the SIEM engineer and SOC to improve alerting fidelity and visibility across the network.
• Drive continuous improvement efforts by…