Network Security Engineer, Zero Trust
Share
Job Location:
Jacksonville, FL - USA
Monthly Salary:
Not Disclosed
Posted on:
14 hours ago
Vacancies:
1 Vacancy
Job Summary
The Role
We are seeking a highly motivated and experienced Network Security Engineer to join our Network Operations team. This team is central to the design implementation and maintenance of SoFis hybrid and multi-cloud network infrastructure focusing exclusively on security engineering excellence and enforcing Zero Trust principles. As SoFi continues its rapid evolution and growth the demands for scalable secure and highly available networking solutions are paramount. If you thrive in an environment where automation cloud-native tooling and critical high-impact security work are daily occurrences this role offers a significant opportunity to define the future of FinTech security.
What youll do:
- Zero Trust & SASE Architecture: Design implement and operate our global Zero Trust Architecture (ZTA) and Secure Access Service Edge (SASE) solution focusing on advanced configuration of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) for both corporate and production environments.
- Cloud Network Security: Serve as the Subject Matter Expert (SME) for securing multi-cloud networking environments (AWS and Azure). This includes implementing robust controls for VPC/VNet peering Transit Gateway configurations and leveraging native cloud security services (e.g. Security Hub Firewall Manager).
- Infrastructure-as-Code (IaC) & Automation: Develop test and maintain automated security deployments and configurations using Terraform and version control systems (Git) to ensure security policies are deployed consistently and scalably across all platforms.
- Next-Gen Firewalls: Implement and enhance security policy rules NAT/VPN configurations and advanced threat prevention profiles on Palo Alto Networks Next-Generation Firewalls (NGFWs) ensuring adherence to the least-privilege principle.
- Security Integration: Partner with DevSecOps teams to integrate network security tooling into CI/CD pipelines enabling automated vulnerability checks and compliance enforcement (shift-left security).
- Compliance & Risk: Ensure network infrastructure and controls meet stringent regulatory requirements relevant to FinTech (e.g. PCI DSS SOC 2 SOX).
- Incident Response: Support the Security Operations Center (SOC) by providing expert-level analysis of network security incidents packet captures and flow data to rapidly contain and remediate threats.
What youll need:
- 4 years of hands-on experience in Network Security Engineering or a related role within a fast-paced environment.
- Expertise in Zero Trust concepts and demonstrable experience implementing SASE solutions (e.g. Zscaler Palo Alto Prisma Access).
- Deep practical experience with at least one major cloud platform (AWS or Azure) specifically focused on networking and security services (VPC/VNet Security Groups NACLs Cloud Firewall).
- Advanced troubleshooting skills across the network stack (TCP/IP routing protocols proxies DNS).
Nice to have:
- Relevant certifications such as PCNSE Zscaler ZCCA/ZCCP or AWS Certified Security - Specialty.
- Experience with container networking and security in Kubernetes (e.g. Network Policies Calico).
- Familiarity with Network Access Control (NAC) technologies and protocols (802.1x RADIUS Microsoft NPS).
- Prior experience in a heavily regulated industry particularly FinTech and familiarity with compliance standards (PCI SOX).
- Hands-on experience with advanced monitoring and SIEM tools (e.g. Splunk Elastic Datadog).
Key Skills
- Network security
- Protocols
- ASA
- Tcp/IP
- Routers
- Windows
- Access Control
- Information Security
- Infrastructure
- Linux
- IOS
- Servers
- Troubleshoot
- Intrusion Detection
- Siem
About Company
Why do 10M+ members trust SoFi? Financial solutions for school, marriage, starting a family, home buying, retirement, or whatever’s next. Member FDIC.
