Network Security Engineer, Application Engineering

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee the establishment of secure network architectures within Azure and GCP environments.

• Develop and uphold zero-trust security frameworks, incorporating identity-aware proxies and segmentation strategies.

• Set up and supervise Cloudflare services such as WAF, DDoS protection, Zero Trust, and CDN.

• Manage firewall configurations, VPN connections, private endpoints, and secure inter-service communications.

• Regularly evaluate and address vulnerabilities present in the infrastructure.

• Administer and enhance Azure Active Directory (Entra ID) for effective identity governance.

• Implement Single Sign-On (SSO), Multi-Factor Authentication (MFA), Conditional Access Policies, and Role-Based Access Control (RBAC) across cloud services.

• Integrate identity management systems with both internal and external applications.

• Enforce least-privilege access principles and manage access lifecycle processes.

• Collaborate with engineering teams to integrate secure development methodologies (DevSecOps).

• Perform threat modeling, code evaluations, and comprehensive security assessments.

• Establish API security measures, manage secrets, and create secure authentication workflows (OAuth, OIDC).

• Assist in the establishment of secure deployment pipelines (CI/CD) that include automated security measures.

• Ensure systems adhere to HIPAA, SOC 2, and HITRUST compliance standards.

• Support audit processes by maintaining necessary documentation, controls, and evidence.

• Implement logging, monitoring, and alert systems in accordance with compliance requirements.

• Drive the ongoing enhancement of security posture and control frameworks.

• Deploy and manage security monitoring solutions (SIEM, IDS/IPS, and cloud-native tools).

• Investigate and address security incidents and irregularities.

• Conduct root cause analyses and implement preventive strategies.

⛳️ Requirements

• A minimum of 4 years of experience in network security, cloud security, or application security.

• Practical experience with:

• Azure Active Directory (Entra ID)

• Google Cloud Platform (GCP)

• Cloudflare (WAF, Zero Trust, DNS, DDoS protection)

• Strong knowledge of:

• Network protocols, firewalls, VPNs, and secure architecture principles.

• Identity and access management practices (SSO, MFA, RBAC).

• Secure application design and API security methodologies.

• Experience in regulated environments (HIPAA, SOC 2, HITRUST).

• Familiarity with security frameworks such as NIST, CIS, and ISO 27001.

• Preferred: Experience with Infrastructure as Code practices.

• Understanding of container security principles.

• Knowledge of SIEM tools.

🏝️ Benefits

• Impactful Work: Contribute to innovative solutions that enhance healthcare efficiency and improve patient outcomes.

• Remote Flexibility: Enjoy the benefits of remote work while being part of a collaborative team, with access to our new office in Winter Park, FL.

• Competitive Compensation: Receive a competitive base salary, equity through our Employee Stock Option Plan, and eligibility for bonuses.

• Comprehensive Benefits: Access a full benefits package that includes unlimited PTO and a 401k program with employer matching.

• Growth Opportunities: Propel your career forward in a dynamic, high-impact environment with ample opportunities for professional development.

• Inclusive Culture: Join a diverse workplace where your ideas and contributions are recognized and valued.