Fast Facts

We are seeking a Cloud Network & Security Engineer to design, implement, and support secure network infrastructures across on-premises and cloud environments, with a focus on Azure and security protocols

Responsibilities: Key responsibilities include managing firewalls, Cisco switches, and cloud network services, ensuring compliance with security standards, enhancing incident response procedures, and supporting network automation.

Skills: Candidates should have expertise in Palo Alto and Cisco systems, Azure networking, incident detection, and strong documentation skills.

Qualifications: A Bachelor's degree and 5+ years of relevant experience in enterprise network administration and security, along with preferred certifications in network security and cloud engineering.

Location: This position is based in the USA, with potential remote working options.

Compensation: Not provided by employer. Typical compensation ranges for this position are between 100,000 - 140,000.

                       Cloud Network & Security Engineer

Department:  IT

Reports To:   Sr. Director Technology Operations

Position Summary:

The Cloud Network & Security Engineer is responsible for designing, implementing, and supporting secure, scalable, and resilient network infrastructure across both on-premises and cloud environments. This role owns the enterprise firewall, switching, and wireless infrastructure while also leading cloud network security efforts including Azure NSGs, conditional access policies, and VPN connectivity. The engineer partners with infrastructure, endpoint, and security teams to ensure end-to-end protection and access control, acting as a Tier 2.5 escalation point for network and cloud security issues.

Essential Duties and Responsibilities:

• Manage and maintain Palo Alto firewalls (on-prem and cloud), Cisco switches, and Meraki wireless infrastructure.
• Design, implement, and administer Azure network services including NSGs, route tables, VPNs, and firewall configurations.
• Support implementation and optimization of conditional access, identity-aware access controls, and hybrid connectivity.
• Collaborate with security and infrastructure teams to align network configurations with compliance and governance standards.
• Serve as a Tier 2.5 escalation point for network and infrastructure-related security incidents.
• Develop and maintain detailed documentation including network diagrams, runbooks, and change management records.
• Assist with onboarding new systems into network monitoring platforms; tune alerts and thresholds as necessary.
• Participate in cross-functional projects related to Zero Trust networking, segmentation, and infrastructure security design.
• Support DLP, compliance scanning, and external system connectivity as needed.
• Review, maintain, and update technical documentation related to cloud infrastructure, network configurations, and security controls to ensure completeness, accuracy, and alignment with current architecture and policies
• Train and mentor Tier 1–2 team members on standard network procedures and issue response.
• Support network-as-code automation efforts using terraform or similar IaC tools. 
• Supports incident response coordination with security teams.
• Support the integration of network logs into SIEM platforms and assist with vulnerability scanning and tuning alert thresholds. 
• Support efforts to implement Microsoft Entra Global Secure access 

What you should show up ready to teach anyone on your first day:

• Best practices for securing and segmenting hybrid cloud networks.
• How to analyze and resolve issues involving Palo Alto, Cisco, or Azure-based routing and firewalling.
• Techniques for writing clean and maintainable documentation for infrastructure changes.
• The logic behind conditional access and role-based network restrictions.

Within your first month, you’ll:

• Audit current firewall, NSG, and VPN configurations; identify and recommend improvements.
• Establish operational runbooks and diagrams for all major network paths.
• Develop a monitoring and incident response baseline for key network components.

Within your first year, you’ll:

• Design and implement secure hybrid network architecture aligned to Zero Trust principles.
• Lead technical input into network and cloud infrastructure audits and assessments.
• Collaborate with compliance, cloud, and security teams to validate network controls and documentation.

Supervisory Responsibilities: None

Education and Experience:

• Bachelor’s degree or equivalent combination of education and experience.
• Five (5)+ years of experience in enterprise network administration and security.
• Hands-on experience with Palo Alto firewalls, Cisco switching, and Meraki wireless systems.
• Experience managing hybrid and cloud networks, particularly in Azure (NSGs, VNets, VPN gateways).
• Familiarity with conditional access, identity-aware networking, and enterprise access control.
• Knowledge of security policies and procedures aligned with regulatory frameworks such as PCI DSS, NIST, and GDPR
• Familiarity with (IaC) tools and environments such as Terraform.
• Strong understanding of firewalling, routing, segmentation, and zero trust principles.
• Experience with monitoring platforms and incident detection.
• Strong documentation and communication skills.
• Ability to collaborate cross-functionally across infrastructure, endpoint, and security teams.

Certifications preferred (or equivalent experience):

• Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Microsoft Certified: Azure Network Engineer Associate
• Cisco Certified Network Associate (CCNA) or higher