Key Responsibilities
- Multi-Cloud Architecture: Design and maintain secure, high-performance network architectures across AWS (VPC, Transit Gateway) and GCP (Shared VPC, Cloud Interconnect).
- Security Governance: Develop and enforce standardized security policies using AWS Network Firewall, GCP Cloud Armor, and Hierarchical Firewall Policies.
- Perimeter Defense: Implement advanced DDoS protection and WAF strategies utilizing AWS Shield Advanced and Google Cloud Armor to protect global endpoints.
- Zero Trust & Micro-segmentation: Establish granular network segmentation using Security Groups/NACLs (AWS) and Service Accounts/Tags (GCP), ensuring the principle of least privilege.
- Automated Guardrails: Build and maintain Security as Code using Terraform or Pulumi to automate the deployment of compliant network infrastructure.
Required Skills & Qualifications
- Experience: 7+ years in Network Engineering, with at least 3+ years specifically focused on cloud security at scale.
- Compliance: Deep understanding of regulatory frameworks (PCI-DSS, SOC2, HIPAA) and how to map them to cloud network controls.
- Leadership: Experience mentoring junior engineers and leading cross-functional projects with DevOps and AppSec teams.
Preferred Certifications
- AWS Certified Security – Specialty or AWS Certified Advanced Networking.
- Google Professional Cloud Security Engineer or Professional Cloud Network Engineer.
- CISSP or CCSP (Certified Cloud Security Professional).