Network Security & Application Engineer

About The Position

Requirements

• 4+ years of experience in network security, cloud security, or application security
• Hands-on experience with: Azure Active Directory (Entra ID), Google Cloud Platform (GCP), Cloudflare (WAF, Zero Trust, DNS, DDoS protection)
• Strong understanding of: Network protocols, firewalls, VPNs, and secure architectures, Identity & access management (SSO, MFA, RBAC), Secure application design and API security
• Experience working in regulated environments (HIPAA, SOC 2, HITRUST)
• Familiarity with security frameworks (NIST, CIS, ISO 27001)
• A security-first mindset with strong problem-solving skills
• Ability to balance security, usability, and scalability
• Strong communication skills to work cross-functionally with engineering and compliance teams
• A proactive approach to identifying and mitigating risk

Nice To Haves

• Experience with Infrastructure as Code
• Knowledge of container security
• Familiarity with SIEM tools

Responsibilities

• Manage secure network architectures across Azure and GCP
• Implement and maintain zero-trust security models, including identity-aware proxies and segmentation
• Configure and monitor Cloudflare services (WAF, DDoS protection, Zero Trust, CDN)
• Manage firewall rules, VPNs, private endpoints, and secure inter-service communication
• Continuously assess and remediate vulnerabilities across infrastructure
• Administer and optimize Azure Active Directory (Entra ID) for identity governance
• Implement SSO, MFA, Conditional Access Policies, and RBAC across cloud platforms
• Integrate identity systems with internal and third-party applications
• Enforce least-privilege access and access lifecycle management
• Partner with engineering teams to embed secure development practices (DevSecOps)
• Conduct threat modeling, code reviews, and security assessments
• Implement API security, secrets management, and secure authentication flows (OAuth, OIDC)
• Support secure deployment pipelines (CI/CD) with automated security controls
• Ensure systems meet HIPAA, SOC 2, and HITRUST requirements
• Support audits by maintaining documentation, controls, and evidence
• Implement logging, monitoring, and alerting aligned with compliance standards
• Drive continuous improvement of security posture and control frameworks
• Deploy and manage security monitoring tools (SIEM, IDS/IPS, cloud-native tools)
• Investigate and respond to security incidents and anomalies
• Conduct root cause analysis and implement preventative measures

Benefits

• Competitive base compensation
• Equity through our Employee Stock Option Plan
• Bonus-eligible roles
• Full benefits package including unlimited PTO
• 401k program with employer match
• Professional development