Principal Cloud & Network Security Engineer

Hard Rock DigitalUnited States, FL
Hybrid

About The Position

Hard Rock Digital is building a team focused on becoming the best online sportsbook, casino, and social gaming company in the world. We’re building a team that resonates passion for learning, operating, and building new products and technologies for millions of consumers. We care about each customer’s interaction, experience, behavior, and insight and strive to ensure we’re always acting authentically. Rooted in the kindred spirits of Hard Rock and the Seminole Tribe of Florida, Hard Rock Digital taps a brand known the world over as the leader in gaming, entertainment, and hospitality. We’re taking that foundation of success and bringing it to the digital space. We're looking for a Principal Cloud & Network Security Engineer to own security across our cloud footprint and all the way out to the edge that fronts millions of players. This spans a genuinely multi-cloud estate — AWS, Azure, and GCP — plus the Cloudflare edge that sits in front of it all. This role reports directly to our VP Security / CISO — cloud, network, and edge security is a first-class pillar of the security program, not a sub-team. You'll join a 16-person security organization, including a dedicated Security Architecture & Engineering team and a 24/7 SecOps function, as the senior technical owner for this domain. This is a high-impact, high-autonomy role for someone who is equally comfortable reasoning about a VPC design, writing a Terraform guardrail, and tuning a WAF rule that protects live betting traffic on the biggest game night of the year.

Requirements

  • 10+ years in cloud, network, or infrastructure security engineering — or equivalent practical experience
  • Deep, hands-on expertise in at least one major cloud (AWS strongly preferred), with working knowledge of a second
  • Experience with cloud security posture and runtime protection tooling (Wiz or equivalent CNAPP/runtime tooling) at scale
  • Strong network security fundamentals: segmentation, firewalls, ZTNA, and secure connectivity patterns
  • Hands-on experience with edge/WAF/CDN protection (Cloudflare a strong plus)
  • Infrastructure-as-Code proficiency (Terraform), a policy-as-code mindset, and scripting/automation skills (Python, Bash, or Go) — comfortable working in CI/CD pipelines
  • A track record of leading through influence — you set technical direction across teams you don't manage, and you can explain a network path to an engineer and a risk to an executive
  • Fluency with AI — you lead with it, reaching for AI tools daily to work faster and sharper; hands-on experience applying AI to security or engineering work is a must

Nice To Haves

  • Experience in a regulated industry (gaming, financial services, healthcare) — especially PCI DSS network segmentation and scoping, or GLI-19/GLI-33 requirements
  • Deep Cloudflare experience across WAF, Bot Management, Access, and the Zero Trust suite
  • Experience securing containers and orchestration — Kubernetes network policy, service mesh, or workload identity
  • Relevant certifications (e.g., AWS Security Specialty, CCSP, GIAC cloud/network security)
  • Experience deploying DNSSEC (or DNS-layer security controls) across a production, multi-zone estate

Responsibilities

  • Own cloud security posture and runtime protection across AWS, Azure, and GCP using Wiz and modern runtime protection tooling — from finding misconfigurations to driving them to closure and catching threats at runtime.
  • Define and maintain secure configuration baselines and guardrails so new cloud resources are safe by default.
  • Partner with SecOps to feed high-quality cloud signals into our detection and response pipeline.
  • Design and implement network segmentation and east-west controls that limit blast radius across our environments.
  • Advance Zero Trust network access using Cloudflare Access, private connectivity, and service-to-service authentication (including mTLS where it fits).
  • Align our network posture to NIST SP 800-207 and the CISA Zero Trust Maturity Model (Networks pillar).
  • Own the security configuration of our Cloudflare edge — WAF, Bot Management, and DDoS protections — plus our broader Cloudflare Zero Trust deployment, protecting Hard Rock Bet, our customer-facing sportsbook and casino.
  • Tune protections to stop abuse and attacks without blocking real players.
  • Build policy-as-code and Terraform guardrails, and embed infrastructure-as-code security scanning (Wiz Code) into CI/CD pipelines.
  • Partner closely with platform and infrastructure teams to make secure infrastructure the default path, not an afterthought.
  • Automate the boring parts so security scales with a fast-moving engineering org.
  • Act as the design authority for cloud, network, and edge security — setting standards, mentoring security and platform engineers, and driving alignment across teams you don't manage.

Benefits

  • Competitive pay and benefits
  • Flexible vacation allowance
  • A hybrid / remote working environment
  • Startup culture backed by a secure, global brand
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service