Prospance Inc, a leading healthcare technology innovator, is seeking an elite Cloud Network Security Engineer to lead network security architecture and operations. This remote, hands-on senior role involves designing and securing enterprise cloud infrastructure across AWS, Azure, and GCP environments while embedding security into infrastructure and CI/CD pipelines.
Responsibilities:
- Design, implement, and operate secure cloud network architectures in AWS, Azure, and/or GCP, including VPCs/VNets, subnets, route tables, security groups, NSGs, Transit Gateways, and PrivateLink/Private Endpoints
- Configure and harden cloud-native firewalls and security services (AWS Network Firewall, Azure Firewall, GCP Cloud Armor, Security Hub, Sentinel, Security Command Center)
- Implement secure hybrid connectivity using Direct Connect, ExpressRoute, Cloud Interconnect, IPsec VPNs, and SD-WAN where applicable
- Build and maintain Zero Trust and microsegmentation strategies for cloud workloads with identity-aware access and least-privilege network policies
- Author and maintain Terraform/CloudFormation modules for network security infrastructure, making secure configurations the default
- Automate network security tasks using Python, Bash, or PowerShell, including policy validation, drift detection, and incident response
- Integrate network security controls into CI/CD pipelines, ensuring reviewed, tested, and safe deployments
- Operate cloud network monitoring and detection using VPC Flow Logs, GuardDuty, and Defender for Cloud, and feed signals into the SIEM
- Lead investigation and forensic analysis for network-related security incidents in cloud environments
- Conduct network security assessments including penetration testing and vulnerability scans in cloud-native environments
- Develop and enforce network security policies aligned with HIPAA and healthcare compliance requirements
Requirements:
- 7+ years of network security engineering, with a minimum of 3+ years hands-on in AWS, Azure, or GCP (not just exposure)
- Proven production experience securing cloud infrastructure: VPC/VNet design, security groups/NSGs, cloud firewalls, IAM
- Actual job bullets demonstrating: VPC/VNet architecture, security groups/NSGs configuration, cloud-native security services implementation
- Working proficiency in scripting/automation: Python, Bash, or PowerShell (daily use required)
- Infrastructure-as-Code experience: Terraform preferred, or CloudFormation/Pulumi
- Strong background with network security tooling: firewalls, VPNs, IDS/IPS, DLP, encryption
- Bachelor's or Master's in Computer Science, Information Security, or related field (or equivalent experience)
- Deep expertise in one cloud with working knowledge of a second (multi-cloud background)
- Container and Kubernetes networking security (network policies, service mesh, EKS/AKS/GKE)
- Zero Trust, SASE, and microsegmentation in cloud/hybrid context
- Cloud-native security platforms: Security Hub, Azure Sentinel, GCP Security Command Center, Wiz, Prisma Cloud
- DevSecOps practices and CI/CD security integration
- Healthcare, finance, or government experience with HIPAA, PCI-DSS, SOX, or HITRUST exposure
- Cloud certifications: AWS Advanced Networking/Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer
- CISSP, CCNP Security, or CCS