Cloud Network Security Engineer

About The Position

Requirements

• Doctorate in Cyber Security, Data Science, Mathematics, Computer Science, or related field
• OR Master's Degree in Cyber Security, Data Science, Mathematics, Computer Science, or related field AND 3+ years experience in one or more of the following: Cloud security engineering (Azure, AWS, or GCP) Cloud networking and network security (VNETs, firewalls, routing, segmentation, Zero Trust network controls) Secure cloud architecture or zero‑trust design Threat modeling for cloud-native services Cloud identity & access management (IAM), RBAC, or conditional access Infrastructure‑as‑Code (IaC) security (e.g., Bicep, Terraform) Cloud workload protection, CSPM, CWPP Cloud threat detection, anomaly detection, or behavioral analytics Security monitoring and incident response for cloud environments SIEM/SOAR for cloud logs and telemetry Detection engineering for cloud platforms Leveraging AI/ML for data analytics, cloud threat detection, and automated cloud, network or security tasks
• OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in one or more of the following: Cloud security engineering (Azure, AWS, or GCP) Cloud networking and network security (VNETs, firewalls, routing, segmentation, Zero Trust network controls) Secure cloud architecture or zero‑trust design Threat modeling for cloud-native services Cloud identity & access management (IAM), RBAC, or conditional access Infrastructure‑as‑Code (IaC) security (e.g., Bicep, Terraform) Cloud workload protection, CSPM, CWPP Cloud threat detection, anomaly detection, or behavioral analytics Security monitoring and incident response for cloud environments SIEM/SOAR for cloud logs and telemetry Detection engineering for cloud platforms Leveraging AI/ML for data analytics, cloud threat detection, and automated cloud, network or security tasks
• OR equivalent experience.
• Citizenship & Citizenship Verification: This position requires verification of U.S citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport.
• Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Nice To Haves

• 5+ years experience securing cloud environments (Azure preferred, AWS/GCP acceptable).
• Experience designing or reviewing secure cloud network architectures (VNETs, Private Endpoints, firewalls, segmentation, routing, DNS, Zero Trust network patterns).
• Experience with cloud-native security controls including Microsoft Defender for Cloud, Defender for Identity, Defender for Endpoint, and Microsoft Entra ID.
• Hands-on experience with IaC security (Terraform, Bicep), CI/CD security, and DevSecOps pipelines.
• Experience with threat detection engineering, cloud telemetry analysis, or building detections for SIEM/SOAR platforms.
• Strong knowledge of network security fundamentals (firewalls, packet inspection, TLS/SSL, VPN, IPS/IDS, SASE, Zero Trust).
• Experience with incident response in cloud or hybrid environments.

Responsibilities

• Design and secure Azure cloud network architectures supporting highly available, fully automated workloads.
• Act as the SME for Azure network security services, advising engineers, developers, analysts, and penetration testers.
• Integrate Azure network services and logs with broader security platforms and cloud‑native big‑data systems to enable monitoring, alerting, and analytics.
• Operate and manage large‑scale cloud network security services, including incident investigation, threat response, and continuous service reliability improvements.
• Automate deployments, configuration updates, and operational workflows using scripting, infrastructure‑as‑code, and AI‑driven solutions.
• Maintain overall platform health through proactive troubleshooting, monitoring, telemetry analysis, and continuous improvement of cloud network coverage.
• Execute cloud service deployments and upgrades in alignment with change management processes while driving service quality through data‑driven insights.