Cloud Network Engineer
Job Title: Cloud Network Engineer (Azure)
Duration: 12+ Months (Possible extension)
Location: New York, NY 10286
Onsite Role (4 days a week)
Responsibilities:
Duration: 12+ Months (Possible extension)
Location: New York, NY 10286
Onsite Role (4 days a week)
Responsibilities:
- The Network Engineer will design, implement, and maintain secure, resilient network capabilities in public cloud environments (e.g., Microsoft Azure).
- The role emphasizes configuration management, asset/data inventories, third party service oversight, secure communications, privacy considerations for systems processing personal data, and continuous monitoring of control effectiveness.
- Collaborate across technology, risk, and compliance teams to ensure that standards are implemented consistently and that audit ready evidence is available.
- Implement and maintain asset and data inventories across in scope cloud subscriptions and resources.
- Develop and uphold configuration management practices, including baseline configurations and protection of configuration documentation; review and update baselines on defined intervals.
- Oversee external service providers and third party integrations to ensure adherence to security, risk, and performance expectations; define oversight roles/responsibilities and support independent reviews where applicable.
- Establish and enforce network communications policies (including wireless usage restrictions within defined authorization boundaries), and ensure monitoring is in place at system boundaries in accordance with enterprise standards.
- Define acceptable use policies for mobile code and VoIP technologies; authorize, monitor, and control usage in line with enterprise security standards.
- Coordinate shared evidence for physical and environmental controls with cloud providers and aggregate provider documentation as needed for audits.
- Conduct privacy impact assessments, where required, prior to deploying systems that process personal data; ensure logging and monitoring align to applicable enterprise requirements.
- Enable continuous monitoring: implement dashboards, metrics, and reporting; track remediation of findings; produce periodic compliance reports and audit artifacts; support authorization and operational readiness reviews as needed.
- Create and maintain clear technical documentation, including control implementation narratives, procedures, and evidence packages; partner with risk, audit, and compliance stakeholders to meet review expectations.
- Collaborate with cross functional teams (cloud engineering, security, architecture, operations) to prioritize remediation, improve control coverage, and drive operational resilience.
- Hands on experience with network engineering in public cloud environments (preferably Azure), including virtual networks, routing, segmentation, security groups/firewalls, and boundary protections.
- Proficiency with cloud governance and policy tooling to assess and enforce configuration and compliance across customer managed resources.
- Strong background in configuration management, including defining baselines, protecting configuration documentation, and maintaining inventories.
- Practical knowledge of secure identity and access practices (e.g., multi factor authentication, least privilege, just in time access) and how customer responsibilities align with provider implemented controls.
- Experience producing audit ready documentation: implementation narratives, procedures, evidence, and periodic compliance reports
- Ability to communicate effectively with technical and non technical stakeholders.
- Scripting or automation experience (e.g., PowerShell, Python, Terraform) for policy enforcement, configuration, monitoring, and evidence collection.
- Experience with Azure networking services (VNets, NSGs, firewalls, Private Link, route tables) and policy as code approaches for governance in large environments.
- Familiarity with enterprise security and risk management practices and working with internal/external audit stakeholders.
- Background supporting regulated workloads or customers, with a focus on operational rigor, documentation quality and continuous monitoring.
