[Remote] Cloud Network Security Engineer

Note: The job is a remote job and is open to candidates in USA. Prospance Inc is a leading healthcare technology innovator seeking a Cloud Network Security Engineer to design and secure enterprise cloud infrastructure. The role involves architecting cloud-native network security, building infrastructure-as-code automation, and embedding Zero Trust principles across multi-cloud environments, while collaborating with various teams to enhance security across the infrastructure and CI/CD pipelines.

Responsibilities

• Design, implement, and operate secure cloud network architectures in AWS, Azure, and/or GCP including VPCs/VNets, subnets, route tables, security groups, NSGs, Transit Gateways, and PrivateLink/Private Endpoints
• Configure and harden cloud-native firewalls and security services (AWS Network Firewall, Azure Firewall, GCP Cloud Armor, Security Hub, Sentinel, Security Command Center)
• Implement secure hybrid connectivity using Direct Connect, ExpressRoute, Cloud Interconnect, IPsec VPNs, and SD-WAN where applicable
• Build and maintain Zero Trust and microsegmentation strategies for cloud workloads with identity-aware access and least-privilege network policies
• Author and maintain Terraform/CloudFormation modules for network security infrastructure making secure configurations the default
• Automate network security tasks using Python, Bash, or PowerShell including policy validation, drift detection, and incident response
• Integrate network security controls into CI/CD pipelines ensuring reviewed, tested, and safe deployments
• Operate cloud network monitoring and detection using VPC Flow Logs, GuardDuty, Defender for Cloud, and feed signals into SIEM
• Lead investigation and forensic analysis for network-related security incidents in cloud environments
• Conduct network security assessments including penetration testing and vulnerability scans in cloud-native environments
• Develop and enforce network security policies aligned with HIPAA and healthcare compliance requirements
• Partner with cloud engineering, DevSecOps, and application teams to embed security best practices
• Provide technical leadership and mentorship to junior security team members

Skills

• 7+ years network security engineering with minimum 3+ years hands-on in AWS, Azure, or GCP (not just exposure)
• Proven production experience securing cloud infrastructure: VPC/VNet design, security groups/NSGs, cloud firewalls, IAM
• Actual job bullets demonstrating: VPC/VNet architecture, security groups/NSGs configuration, cloud-native security services implementation
• Working proficiency in scripting/automation: Python, Bash, or PowerShell (daily use required)
• Infrastructure-as-Code experience: Terraform preferred, or CloudFormation/Pulumi
• Strong background with network security tooling: firewalls, VPNs, IDS/IPS, DLP, encryption
• Bachelor's or Master's in Computer Science, Information Security, or related field (or equivalent experience)
• Excellent written and verbal communication skills
• Eligible to work in US without sponsorship issues (ASAP start required)
• Deep expertise in one cloud with working knowledge of a second (multi-cloud background)
• Container and Kubernetes networking security (network policies, service mesh, EKS/AKS/GKE)
• Zero Trust, SASE, and microsegmentation in cloud/hybrid contexts
• Cloud-native security platforms: Security Hub, Azure Sentinel, GCP Security Command Center, Wiz, Prisma Cloud
• DevSecOps practices and CI/CD security integration
• Healthcare, finance, or government experience with HIPAA, PCI-DSS, SOX, or HITRUST exposure
• Cloud certifications: AWS Advanced Networking/Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer
• CISSP, CCNP Security, or CCSP

Company Overview