Network Security & Cloud Engineer

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, or related field; or equivalent experience.
• 3+ years of experience in enterprise network security and/or cloud security engineering roles.
• Hands-on experience securing production AWS and/or Azure environments.
• Experience with AWS security services (IAM, GuardDuty, Security Hub, CloudTrail, Config, KMS, VPC security design)
• Experience with Azure security services (Defender for Cloud, Entra ID/Azure AD, RBAC, NSGs, Conditional Access, Sentinel), Cisco ISE (administration, policy design, troubleshooting), Cisco Catalyst secure switching and segmentation, Meraki MX/MR security configuration, and Cato SASE or comparable SD-WAN/cloud security platform.
• Solid understanding of Zero-trust architecture principles, cloud network architecture VPC/VNet design (subnetting, peering, routing)
• Solid understanding of hybrid connectivity (IPSec, BGP, Direct Connect, ExpressRoute), Firewall technologies (Palo Alto, Cisco, Meraki, etc.) and SIEM platforms and log correlation.

Nice To Haves

• Security+ and CCNA certification (current or actively pursuing), preferred.
• AWS Certified Security – Specialty or Solutions Architect, preferred.
• Azure Security Engineer Associate (AZ-500), preferred.

Responsibilities

• Design, implement, and maintain security controls across enterprise network and multi-cloud (AWS, Azure) environments.
• Architect and enforce Identity and Access Management (IAM) policies in AWS and Azure following least-privilege and zero-trust principles.
• Implement and manage AWS security services (GuardDuty, Security Hub, CloudTrail, Config, IAM, KMS, VPC security groups, NACLs).
• Implement and manage Azure security services (Defender for Cloud, Sentinel, Azure AD/Entra ID, NSGs, RBAC, Conditional Access).
• Secure hybrid connectivity between on-premises networks and cloud environments (VPN, SD-WAN, Direct Connect/ExpressRoute).
• Administer and maintain Cisco ISE for network access control and policy enforcement.
• Secure and monitor Meraki networks across branch and corporate locations.
• Operate and harden Cisco Catalyst infrastructure with segmentation and secure configuration standards.
• Configure and manage Cato SASE / SD-WAN infrastructure for secure branch-to-cloud connectivity.
• Conduct vulnerability assessments across network and cloud assets; coordinate remediation.
• Monitor network and cloud logs via SIEM platforms (Splunk, Sentinel, or equivalent).
• Participate in incident response related to network or cloud security events.
• Develop security standards, documentation, diagrams, and operational runbooks for both network and cloud environments.
• Contribute to cloud security architecture reviews and support compliance requirements (SOC, regulatory audits, etc.).

Benefits

• CCM offers eligible employees a competitive compensation plan and a robust benefits package, including medical, dental, vision, as well as a 401K.
• We also offer company-provided short-term disability, an employee assistance program, and a wellness program.