Network Security & Application Engineer

We are seeking a Network Security & Application Engineer to assist in design, implement, and maintain secure, scalable infrastructure across our cloud environments. This role is critical in safeguarding our systems and data both from the networking as well as application security side.

You will work within our Azure Cloud, and Google Cloud Platform (GCP), and other applicable infrastructure, ensuring adherence to strict regulatory frameworks including HIPAA, SOC 2, and HITRUST.

• Manage secure network architectures across Azure and GCP

• Implement and maintain zero-trust security models, including identity-aware proxies and segmentation

• Configure and monitor Cloudflare services (WAF, DDoS protection, Zero Trust, CDN)

• Manage firewall rules, VPNs, private endpoints, and secure inter-service communication

• Continuously assess and remediate vulnerabilities across infrastructure

• Administer and optimize Azure Active Directory (Entra ID) for identity governance

• Implement SSO, MFA, Conditional Access Policies, and RBAC across cloud platforms

• Integrate identity systems with internal and third-party applications

• Enforce least-privilege access and access lifecycle management

• Partner with engineering teams to embed secure development practices (DevSecOps)

• Conduct threat modeling, code reviews, and security assessments

• Implement API security, secrets management, and secure authentication flows (OAuth, OIDC)

• Support secure deployment pipelines (CI/CD) with automated security controls

• Ensure systems meet HIPAA, SOC 2, and HITRUST requirements

• Support audits by maintaining documentation, controls, and evidence

• Implement logging, monitoring, and alerting aligned with compliance standards

• Drive continuous improvement of security posture and control frameworks

• Deploy and manage security monitoring tools (SIEM, IDS/IPS, cloud-native tools)

• Investigate and respond to security incidents and anomalies

• Conduct root cause analysis and implement preventative measures

• 4+ years of experience in network security, cloud security, or application security

• Hands-on experience with:

• Experience with Infrastructure as Code

• Knowledge of container security

• Familiarity with SIEM tools

• Cloud Security Architecture (Azure & GCP)

• Identity & Access Management (AAD / Entra ID)

• Web & Network Security (Cloudflare, WAF, Zero Trust)

• DevSecOps & Secure SDLC

• Compliance & Risk Management (HIPAA, SOC 2, HITRUST)

• Incident Response & Threat Detection

• A security-first mindset with strong problem-solving skills

• Ability to balance security, usability, and scalability

• Strong communication skills to work cross-functionally with engineering and compliance teams

• A proactive approach to identifying and mitigating risk