Senior Security Engineer – Cloud Networking

Senior Security Engineer – Cloud Networking

Requirements

• 4+ years of experience in network security engineering and infrastructure protection.
• Security domain expertise in designing, implementing, and managing secure network infrastructures in both on-premises and cloud environments.
• Achieved certifications or participated in advanced training on network security (e.g., CISSP, CCNP Security, CCIE Security, GIAC GSEC, or equivalent).
• Proven experience with enterprise-grade firewall platforms (e.g., Palo Alto Networks, Cisco ASA/Firepower), IDS/IPS technologies, and VPN solutions.
• Deep understanding of network protocols and technologies, including advanced routing and switching concepts.
• Experience securing cloud network environments, with hands-on knowledge of AWS networking services like VPCs, Transit Gateways, and security groups.
• Familiarity with network automation and scripting, using tools like Ansible, Python, or similar to streamline security processes.
• Knowledge of zero trust principles and experience implementing network segmentation strategies.
• Strong analytical and problem-solving skills, with experience in threat detection, incident response, and vulnerability management.
• Excellent communication and teamwork abilities, capable of articulating complex security concepts to technical and non-technical stakeholders.
• Passionate about staying current with the latest network security trends and technologies, and applying them to enhance our security posture.

Responsibilities

• Provide technical leadership that drives technology choices and architectural decisions across multiple teams, offering solutions for complex problems around network security standards and best practices.
• Design, implement, and manage network security solutions, including next-generation firewalls, IDS/IPS, and VPNs to protect Klaviyo’s global network infrastructure.
• Monitor and analyze network traffic using advanced tools to detect and respond to security incidents, ensuring timely mitigation of threats.
• Implement and advocate for network segmentation and zero trust architectures, reducing attack surfaces and preventing lateral movement within the network.
• Manage and secure cloud network infrastructures, focusing on VPC configurations, security group policies, and network access controls in AWS, GCP, and Azure.
• Automate network security tasks using scripting and infrastructure as code tools to increase efficiency and reduce the potential for human error.
• Conduct regular network security assessments and penetration tests, identifying vulnerabilities and driving remediation efforts.
• Collaborate closely with Klaviyo’s Engineering, IT, and Product teams to integrate network security into all aspects of our systems and services.
• Develop and enforce network security policies and procedures, ensuring compliance with industry regulations such as PCI DSS, GDPR, and SOC 2.
• Educate and mentor team members on network security best practices, fostering a culture of security awareness and continuous improvement.
• Stay ahead of emerging network security threats and technologies, adapting strategies to proactively mitigate risks.

Preferred Qualifications

No preferred qualifications provided.