DUE TO THE COMPLEXITY OF THE JOB WE CURRENTLY ACCEPTING USC
Job Description: Principal Cloud Network Engineer
Location: REMOTE
Duration : Long Term
Job Description
Deep expertise in architecting and delivering cloud-native network solutions within large-scale multi-cloud environments, with a strong emphasis on Google Cloud Platform as a primary platform.
Proven ability to design and implement network architectures that support SaaS-based applications, including high availability, scalability, and secure multi-tenant patterns.
Strong understanding of cloud-native constructs (VPCs, shared VPCs, private service access, service networking, load balancing, DNS, IAM integration) and how they underpin SaaS service delivery.
Experience aligning network architectures with modern application development patterns, including microservices, containers (GKE), and API-driven services.
With a deep understanding of modern security architectures and a relentless drive to stay ahead of emerging threats, you thrive at the intersection of innovation and protection.
You bring a proven track record of designing, implementing and operating robust network security solutions, mentoring teams, and influencing enterprise-wide network and security strategies.
Demonstrated leadership skills with the ability to mentor and develop other engineers, fostering a culture of continuous learning and excellence within the team.
Strong technical expertise with application, cloud, data, and network security best practices.
Lead the development and enforcement of comprehensive policies and standards, integrating advanced security practices throughout the network infrastructure to mitigate risks and align with industry-leading security protocols.
Drive security awareness across the organization.
Collaborate with Engineering and Business teams to develop secure engineering practices.
Act as a pivotal technology leader, driving the integration of network and secure engineering practices across the organization while liaising with senior management to ensure a cohesive strategy that aligns with business objectives.
Job Responsibilities
Analysis & Configuration
Architect, design, and implement secure end-to-end network solutions across multi-cloud environments (Google Cloud Platform, AWS, on-premises, and colocation), ensuring seamless integration and consistent policy enforcement.
Lead the design and development of Google Cloud Platform-native network architectures, including:
o Shared VPC models and network segmentation strategies
o Private Service Connect and private access to PaaS/SaaS services
o Cloud Load Balancing architectures (L4/L7, internal/external)
o Hybrid connectivity (Dedicated/Partner Interconnect, VPN)
Define and implement network patterns for SaaS platforms, including:
o Multi-tenant isolation models
o Zero-trust access patterns
o North-south and east-west traffic control strategies
Ensure network designs support application-layer requirements, including latency sensitivity, service discovery, API gateway integration, and resiliency patterns.
Spearhead the evaluation and strategic deployment of cutting-edge network solutions, emphasizing scalability, performance, and adaptability, to fortify the organization's defense against evolving threats.
Operational Support
Participate in operational on-call duties to support a 24/7 infrastructure across multiple regions and environments (cloud, on-premises and colocation).
Lead by example in incident response situations, orchestrating rapid and effective responses while leveraging these experiences to bolster future resilience and response strategies.
Mentorship and Training
Demonstrated leadership skills with developing a comprehensive mentorship program for other engineers, including organizing regular training sessions to elevate the team's technical and security skills. This role requires a commitment to fostering a culture of continuous improvement and knowledge sharing.
Innovation and Research
Proven track record with participation in research and the exploration of next-generation network and security architectures, tools and practices. This includes encouraging the team to engage with the wider technical network and security community, contributing to open-source projects, and staying well-informed of emerging threats and innovative defense mechanisms.
Strategic Planning
Drive the network architecture strategy, ensuring alignment with SaaS platform evolution, cloud adoption, and enterprise security standards (HIPAA/NIST).
Partner with platform, DevOps, and application engineering teams to standardize reusable network design patterns for cloud-native and SaaS workloads.
Establish reference architectures and guardrails for Google Cloud Platform and multi-cloud networking to ensure consistency, compliance, and scalability.
Also play a key role in the strategic planning of the organization's roadmap, including conducting thorough risk assessments, allocating budgets for network and security initiatives, and aligning long-term strategies with overarching business goals. This responsibility includes advocating for network and security within the company and ensuring that security considerations are paramount in all technology decisions.
Qualifications
Basic Qualifications
10+ years in network engineering, with at least 5 years in a leadership or architectural role.
A minimum of a Bachelor s degree in Computer Science, Electronic Engineering, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required.
Proven track record in leading network and cloud initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes.
Expertise in:
o Deep expertise in Google Cloud Platform (Google Cloud Platform) networking, including:
VPC design (auto/custom mode, shared VPC, service projects)
Private Service Connect, VPC Service Controls
Cloud DNS, Cloud NAT, Cloud Router
F5 and Google Cloud Platform load balancing (HTTP(S), TCP/SSL proxy, internal LB)
o Strong understanding of SaaS architecture principles, including:
Multi-tenancy models (pooled, siloed, hybrid)
Secure service exposure and ingress/egress design
Identity-aware networking and service-to-service authentication
o Experience designing networks for containerized and cloud-native platforms (GKE, service mesh, ingress controllers).
o Enterprise routing, switching and protocols (BGP, OSPF, MPLS, STP etc.) and technologies (Cisco, Juniper, Palo Alto, Arista, etc.).
o Network security technologies: PAN firewalls/NGFW, IDS/IPS, NAC, ZTNA, DLP, SIEM
o Network and application-centric security tools and concepts (e.g., NGFW, micro-segmentation, service mesh)
o Designing Layer 2/3 topologies, including leaf-spine architectures, including data center fabric technologies (e.g., VXLAN, EVPN, TRILL) and with the ability to design for high availability, redundancy, and scalability.
o Cisco SD-WAN, VPN, remote access, and hybrid connectivity
o Network monitoring and performance tools (e.g., SolarWinds, NetFlow, Wireshark)
Certifications (preferred):
o CCIE/CCNP, JNCIE, AWS/Azure/Google Cloud Platform Networking, PCNSE/PAN or Security Specialty, CISSP
Preferred Qualifications
Experience designing network architectures for AI/ML or high-performance workloads, including GPU-enabled environments across cloud and colocation.
Familiarity with cloud-native security frameworks (BeyondCorp, zero trust networking in Google Cloud Platform/AWS).
Experience supporting SaaS platform scaling and global traffic management, including geo-distributed architectures.
Experience with network automation and Infrastructure as Code (Terraform, KCC)
Familiarity with network virtualization (NSX, Cisco ACI, VMware NSX)
Background in high-availability and disaster recovery design
Strong technical expertise with Networking and Software-Defined Networking (SDN) principles.
Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams.
Experience with direct, remote, and virtual teams.
Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
Experience in influencing industry standards and contributing to open-source projects or security communities, highlighting a broader impact beyond the immediate organization.
Education
Bachelor s degree in Computer Science, Engineering, or a related technical field, or equivalent demonstrated professional experience.
Never miss an opportunity! Create an alert based on the job you applied for.
