Staff Network Security Engineer

About The Position

Requirements

• Proven Experience: 5 + years in hands-on network-security engineering, protecting large-scale cloud or hyperscale environments and complex distributed systems.
• Edge-Security Mastery: Deep expertise in edge-protection technologies - DDoS mitigation, web-exploit defense, and Zero-Trust implementations.
• Cloud & Network Know-How: Strong conceptual and practical command of modern cloud and network security. Proficient in protocols (TCP/IP, DNS, BGP, HTTP/S), segmentation, VPNs, and firewall tuning; experienced securing AWS, GCP, Azure, or bespoke hyperscale and containerized platforms.
• Security Leadership: Demonstrated ability to own security programs end-to-end, mentor engineers, and instill a security-centric mindset across varied teams.
• Collaborative Communicator: Excellent at partnering with Networking, Infrastructure, DevOps/SRE, and Software groups to craft security solutions that protect critical assets while empowering the business.
• Policy & Compliance Expertise: Skilled in crafting and evaluating security controls for massively scalable systems, and familiar with frameworks such as NIST, ISO 27001, and SOC 2 in cloud contexts.

Nice To Haves

• Hyperscale Background: Experience inside a top-tier cloud provider or hyperscale setting (FAANG-class or similar) and familiarity with unique security challenges at extreme scale.
• DDoS/WAF Toolset: Acquainted with enterprise-grade DDoS and web-application-security platforms - Cloudflare, AWS Shield, Akamai, Arbor, F5, etc. - and adept at tuning WAF rules and traffic-scrubbing tactics.
• Zero-Trust & IAM: Hands-on design of Zero-Trust networks, including IAM, SSO, MFA, and NAC solutions.
• Automation & Scripting: Comfortable scripting or coding (Python, Go, etc.) to automate security workflows, integrate tools, and secure IaC and CI/CD pipelines.
• Certifications: Credentials such as CISSP, CCSP, GIAC (GSEC, GCIH, …), or cloud-security specialties (AWS/Azure) that attest to a solid security foundation.
• Lifelong Learner: Active in the security community or open-source projects, with current knowledge of emerging threats, vulnerabilities, and defenses in network and cloud security.

Responsibilities

• Perimeter & Edge Security Design: Architect and deploy resilient protections at the network edge —including perimeter firewalls, proxy layers, WAFs, and CDN-based controls—to shield Fluidstack’s globally distributed footprint. Every ingress point and service should be hardened against unauthorized activity and attack vectors.
• DDoS Resilience: Create and maintain sophisticated DDoS-defense programs that preserve uptime. Continuously analyze traffic, fine-tune safeguards such as rate-limiting and traffic filtering, and react decisively to volumetric spikes or atypical patterns.
• Driving Zero-Trust: Lead the rollout of a Zero-Trust model across Fluidstack’s cloud and network domains. Engineer solutions that enforce least-privilege, continuous verification, and service micro-segmentation, eliminating implicit trust at every tier.
• Monitoring & Incident Handling: Stand up comprehensive network-security monitoring to surface threats early. Detect indicators of compromise, hunt for vulnerabilities, and orchestrate rapid incident-response actions to limit blast radius.
• Cross-Team Partnership: Collaborate closely with Networking, Infrastructure, SRE/DevOps, and Software Engineering to embed security best practices into designs, deployments, and pipelines. Offer expert input during architecture and code reviews to guarantee security-by-design.
• Leadership & Mentoring: Champion security initiatives and cultivate a security-first culture. Coach junior engineers and peer teams on network-security fundamentals, deliver training, and model strict adherence to policies and standards.
• Policy Stewardship: Author, refine, and enforce security policies and SOPs suited to a highly scalable, distributed environment. Periodically reassess network and cloud-security posture, ensuring alignment with industry benchmarks as the company scales.

Benefits

• Competitive total compensation package (salary + equity).
• Retirement or pension plan, in line with local norms.
• Health, dental, and vision insurance.
• Generous PTO policy, in line with local norms.