Sr. Network Security Engineer

SpaceXHawthorne, CA
$165,000 - $235,000Onsite

About The Position

SpaceX is looking for a Sr. Network Security Engineer with deep expertise in network security technologies and a strong emphasis on remote access VPN solutions (particularly Tailscale and WireGuard). This role requires a strong networking, infrastructure, systems, and software background and will focus heavily on designing, deploying, managing, securing, and troubleshooting enterprise remote VPN infrastructure. The employee will be a member of the Network Security Engineering team. The ideal candidate will be flexible, excel at multi-tasking, and flourish in a fast-paced and challenging environment. This person should be a self-starter, self-motivator, and possess the ingenuity to excel in this position.

Requirements

  • Bachelor’s degree in a STEM field and 5+ years of network security experience; OR 8+ years of network security experience in lieu of a degree.
  • 3+ years of experience securing networks, IT infrastructure, applications, endpoints, and/or APIs.

Nice To Haves

  • Proven experience leading the design, deployment, and operation of enterprise remote access VPN solutions (Tailscale, WireGuard, or comparable SSL/IPsec/WireGuard-based platforms) in large-scale, multi-site or multi-region environments with high reliability requirements.
  • Deep hands-on expertise with modern remote access platforms, including client management, access policies, split-tunneling, performance tuning, and complex troubleshooting across diverse operating systems.
  • Strong systems engineering foundation: deep networking knowledge, experience managing Linux infrastructure, and the ability to design and implement solutions from the ground up rather than solely administer existing systems.
  • Demonstrated automation and software skills in Python for building custom tooling, services, and CI/CD workflows, with strong system design thinking to evaluate second- and third-order effects and build resilient systems.
  • Comfortable reading and reviewing Go code, particularly in the context of understanding upstream changes in projects.
  • Experience with dynamic routing (eBGP, iBGP, OSPF, SD-WAN), network segmentation, logging/alerting with SIEMs, and zero-trust architectures.
  • Ability to diagnose low-level connectivity and performance issues and to work effectively with stakeholders and end users.
  • Self-starter with excellent time-management, communication (written and verbal), and collaboration skills; mid-career professional who has successfully owned similar infrastructure or remote-access initiatives.

Responsibilities

  • Provide subject matter expertise on network security, firewalls, zero-trust architectures, and industry best practices, with primary focus on modern remote access VPN technologies.
  • Architect, design, deploy, and secure enterprise remote access VPN solutions end-to-end (including supporting components such as routers, exit nodes, and connectors), with strong emphasis on Tailscale, WireGuard, IPsec, and SSL-based implementations.
  • Own the full lifecycle of remote access infrastructure from initial design and ground-up implementation through ongoing management, policy definition, client distribution, and performance optimization.
  • Configure, deploy, and support VPN clients across multiple platforms (Windows, macOS, Linux, iOS, Android) while performing advanced troubleshooting of complex connectivity and performance issues.
  • Manage Linux-based infrastructure and network security systems with end-to-end ownership of configuration, custom tooling, and operational reliability.
  • Develop automation and CI/CD workflows (Python or similar) to streamline deployment, policy enforcement, monitoring, and maintenance of remote access and security systems.
  • Implement and support zero-trust remote access architectures; manage firewall policies and network security appliances with tight integration of VPN solutions.
  • Serve as an escalation point for complex network security and remote connectivity challenges; collaborate cross-functionally with engineering and operations teams to gather requirements, design secure solutions, and communicate best practices.
  • Monitor VPN performance, logs, and overall security posture; proactively identify issues, drive resolutions, and formalize processes and change management for remote access infrastructure.
  • Apply system patches, perform periodic maintenance, and continuously improve the reliability and security of the remote access environment.

Benefits

  • Comprehensive medical, vision, and dental coverage
  • Access to a 401(k) retirement plan
  • Short and long-term disability insurance
  • Life insurance
  • Paid parental leave
  • Various other discounts and perks
  • 3 weeks of paid vacation
  • 10 or more paid holidays per year
  • Paid sick leave
  • Long-term incentives, in the form of company stock or long-term cash awards
  • Potential discretionary bonuses
  • Ability to purchase additional stock at a discount through an Employee Stock Purchase Plan
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service