[Remote] Cloud Network Security Engineer
Note: The job is a remote job and is open to candidates in USA. Prospance Inc is a leading healthcare technology innovator seeking a Cloud Network Security Engineer to design and secure enterprise cloud infrastructure. The role involves architecting cloud-native network security, building infrastructure-as-code automation, and embedding Zero Trust principles across multi-cloud environments, while collaborating with various teams to enhance security across the infrastructure and CI/CD pipelines.ResponsibilitiesDesign, implement, and operate secure cloud network architectures in AWS, Azure, and/or GCP including VPCs/VNets, subnets, route tables, security groups, NSGs, Transit Gateways, and PrivateLink/Private EndpointsConfigure and harden cloud-native firewalls and security services (AWS Network Firewall, Azure Firewall, GCP Cloud Armor, Security Hub, Sentinel, Security Command Center)Implement secure hybrid connectivity using Direct Connect, ExpressRoute, Cloud Interconnect, IPsec VPNs, and SD-WAN where applicableBuild and maintain Zero Trust and microsegmentation strategies for cloud workloads with identity-aware access and least-privilege network policiesAuthor and maintain Terraform/CloudFormation modules for network security infrastructure making secure configurations the defaultAutomate network security tasks using Python, Bash, or PowerShell including policy validation, drift detection, and incident responseIntegrate network security controls into CI/CD pipelines ensuring reviewed, tested, and safe deploymentsOperate cloud network monitoring and detection using VPC Flow Logs, GuardDuty, Defender for Cloud, and feed signals into SIEMLead investigation and forensic analysis for network-related security incidents in cloud environmentsConduct network security assessments including penetration testing and vulnerability scans in cloud-native environmentsDevelop and enforce network security policies aligned with HIPAA and healthcare compliance requirementsPartner with cloud engineering, DevSecOps, and application teams to embed security best practicesProvide technical leadership and mentorship to junior security team membersSkills7+ years network security engineering with minimum 3+ years hands-on in AWS, Azure, or GCP (not just exposure)Proven production experience securing cloud infrastructure: VPC/VNet design, security groups/NSGs, cloud firewalls, IAMActual job bullets demonstrating: VPC/VNet architecture, security groups/NSGs configuration, cloud-native security services implementationWorking proficiency in scripting/automation: Python, Bash, or PowerShell (daily use required)Infrastructure-as-Code experience: Terraform preferred, or CloudFormation/PulumiStrong background with network security tooling: firewalls, VPNs, IDS/IPS, DLP, encryptionBachelor's or Master's in Computer Science, Information Security, or related field (or equivalent experience)Excellent written and verbal communication skillsEligible to work in US without sponsorship issues (ASAP start required)Deep expertise in one cloud with working knowledge of a second (multi-cloud background)Container and Kubernetes networking security (network policies, service mesh, EKS/AKS/GKE)Zero Trust, SASE, and microsegmentation in cloud/hybrid contextsCloud-native security platforms: Security Hub, Azure Sentinel, GCP Security Command Center, Wiz, Prisma CloudDevSecOps practices and CI/CD security integrationHealthcare, finance, or government experience with HIPAA, PCI-DSS, SOX, or HITRUST exposureCloud certifications: AWS Advanced Networking/Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security EngineerCISSP, CCNP Security, or CCSPCompany OverviewProspance is an information technology company that provides staffing and project implementation services. It was founded in 2009, and is headquartered in Fremont, California, USA, with a workforce of 201-500 employees. Its website is http://prospanceinc.com.