Skip to content
Senior IT Engineer
| Company | Bright Machines |
|---|
| Location | San Francisco, CA, USA |
|---|
| Salary | $90000 – $140000 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior |
|---|
Requirements
- Deep knowledge of cloud security frameworks, firewalls, and identity management solutions
- Strong knowledge of Windows, macOS, and basic Linux administration
- Familiarity with networking fundamentals (IP addressing, DNS, DHCP, VPNs)
- Experience with Active Directory, Microsoft 365, and enterprise security tools
- Ability to troubleshoot IT issues quickly and provide excellent customer service
Responsibilities
- Manage and optimize security controls such as Azure Firewall, AWS WAF, Security Groups, NSGs, and VPN gateways
- Monitor and respond to security incidents using SIEM solutions (Microsoft Sentinel, AWS Security, etc.)
- Configure and manage network security solutions, including firewalls (Palo Alto, Fortinet, and Aruba), IDS/IPS, and load balancers
- Implement Zero Trust principles using Azure AD Conditional Access, MFA, Microsoft Entra ID, AWS IAM, and SSO solutions
- Perform vulnerability assessments and coordinate remediation efforts to mitigate security risks
- Collaborate with IT, DevOps, and security teams to enhance cloud security posture
- Document security policies, procedures, and network diagrams for audits and compliance
- Provide technical support for employees via a help desk ticketing system (Jira)
- Diagnose and resolve hardware, software, and network issues for end-users
- Assist with new user onboarding, including provisioning accounts, setting up workstations, and granting access to systems
- Maintain IT asset inventory and manage equipment lifecycle (laptops, peripherals, mobile devices)
Preferred Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
- 5+ years of experience in network security engineering with Azure and AWS
- Expertise in Palo Alto firewall Panorama, Aruba switch and WiFi
- Hands-on experience with firewalls, IDS/IPS, VPNs, and cloud-native security tools
- Knowledge of network protocols (TCP/IP, DNS, HTTP, routing protocols, etc.) and secure routing principles
- Familiarity with SIEM and SOAR tools for security monitoring and response
- Experience implementing Zero Trust Security and Identity & Access Management (IAM)
- Hands-on experience with conference room AV setups (Zoom, and Microsoft Teams)
