Network Security Engineer

Kargo•San Francisco, CA

14h

About The Position

At Kargo, our mission is to build a connective tissue between the physical world of freight and the digital ecosystem used to manage it. We believe that advancements in smart infrastructure are critical to enabling a safer and more efficient future for logistics. Our loading dock sensor platform verifies all incoming and outgoing freight, aggregating data that enables shippers and carriers to efficiently manage dock operations, switch out suppliers and understand material flow in real time. We care deeply about delivering the best solutions for our customers. As a member of the Kargo team, you will have the opportunity to develop and deploy tomorrow’s hardware & software solutions and help revolutionize logistics.

Requirements

3+ years of experience in network security, cybersecurity engineering, or infrastructure security roles.
Strong knowledge of networking protocols and technologies including TCP/IP, DNS, DHCP, VPN, routing, and switching.
Hands-on experience with security technologies such as firewalls, endpoint protection, and vulnerability management tools.
Experience securing cloud environments such as AWS or Google Cloud Platform.
Bachelor's degree in Computer Science, Cybersecurity, Information Security, Computer Engineering, or a related technical field.

Nice To Haves

Hands-on experience with software defined mesh VPN systems like WireGuards, Tailscale, etc.
Familiarity with security frameworks and compliance standards such as SOC 2.
Strong incident response, threat detection, and security troubleshooting skills.
Relevant certifications such as CISSP, CCNP Security, Security+, GSEC, or equivalent.

Responsibilities

Design and implement secure network architectures across cloud, on-premise, and edge/IoT environments.
Configure and maintain firewalls, VPNs, network segmentation, NAC, and secure remote access solutions.
Evaluate and deploy new security technologies and controls.
Monitor network activity and security alerts.
Investigate suspicious activity, security events, and potential breaches.
Lead containment, remediation, and post-incident reviews.
Oversee vulnerability assessments, penetration testing, and security reviews.
Prioritize and remediate identified risks and security gaps.
Maintain security hardening standards and best practices.
Secure cloud infrastructure, network connectivity, and identity/access controls.
Partner with Infrastructure and Engineering teams to embed security into deployments and operations.
Support secure scaling of systems, services, and environments.
Implement zero-touch provisioning and secure identity management for edge hardware to ensure fleet integrity.
Architect secure, low-latency remote access and mesh VPN solutions for intra-fleet communication, field support and fleet maintenance.
Work with customers for networking integration.
Support compliance initiatives (SOC 2, ISO 27001, NIST, etc.).
Develop security policies, standards, and documentation.
Provide security guidance and training to internal teams.