Requirements
- 5+ years in hands-on network-security engineering, protecting large-scale cloud or hyperscale environments and complex distributed systems.
- Deep expertise in edge-protection technologies - DDoS mitigation, web-exploit defense, and Zero-Trust implementations.
- Strong conceptual and practical command of modern cloud and network security.
- Proficient in protocols (TCP/IP, DNS, BGP, HTTP/S), segmentation, VPNs, and firewall tuning.
- Experienced securing AWS, GCP, Azure, or bespoke hyperscale and containerized platforms.
- Demonstrated ability to own security programs end-to-end, mentor engineers, and instill a security-centric mindset across varied teams.
- Excellent at partnering with Networking, Infrastructure, DevOps/SRE, and Software groups to craft security solutions that protect critical assets while empowering the business.
- Skilled in crafting and evaluating security controls for massively scalable systems.
- Familiar with frameworks such as NIST, ISO 27001, and SOC 2 in cloud contexts.
Nice to Have
- Experience inside a top-tier cloud provider or hyperscale setting (FAANG-class or similar) and familiarity with unique security challenges at extreme scale.
- Acquainted with enterprise-grade DDoS and web-application-security platforms - Cloudflare, AWS Shield, Akamai, Arbor, F5, etc.
- Adept at tuning WAF rules and traffic-scrubbing tactics.
- Hands-on design of Zero-Trust networks, including IAM, SSO, MFA, and NAC solutions.
- Comfortable scripting or coding (Python, Go, etc.) to automate security workflows, integrate tools, and secure IaC and CI/CD pipelines.
- Credentials such as CISSP, CCSP, GIAC (GSEC, GCIH, …), or cloud-security specialties (AWS/Azure) that attest to a solid security foundation.
- Active in the security community or open-source projects, with current knowledge of emerging threats, vulnerabilities, and defenses in network and cloud security.
