Multi-Cloud Architecture: Design and maintain secure, high-performance network architectures across AWS (VPC, Transit Gateway) and GCP (Shared VPC, Cloud Interconnect).
Security Governance: Develop and enforce standardized security policies using AWS Network Firewall, GCP Cloud Armor, and Hierarchical Firewall Policies.
Perimeter Defense: Implement advanced DDoS protection and WAF strategies utilizing AWS Shield Advanced and Google Cloud Armor to protect global endpoints.
Zero Trust & Micro-segmentation: Establish granular network segmentation using Security Groups/NACLs (AWS) and Service Accounts/Tags (GCP), enforcing the principle of least privilege.
Automated Guardrails: Build and maintain Security as Code using Terraform or Pulumi to automate the deployment of compliant network infrastructure.
Required Skills & Qualifications
Experience: 7+ years in Network Engineering, with at least 3 years specifically focused on cloud security at scale.
Compliance: Deep understanding of regulatory frameworks (PCI-DSS, SOC2, HIPAA) and how to map them to cloud network controls.
Leadership: Experience mentoring junior engineers and leading cross-functional projects with DevOps and AppSec teams.
Preferred Certifications
AWS Certified Security – Specialty or AWS Certified Advanced Networking.
Google Professional Cloud Security Engineer or Professional Cloud Network Engineer.
CISSP or CCSP (Certified Cloud Security Professional).