Information Security Engineer, Consultant

Job Description

Your Role

The Principal Information Security Engineer, Consultant - Network Protection is a highly skilled technical contributor within the Information Asset Protection team, responsible for designing, implementing, and supporting enterprise-wide network security solutions. This role helps ensure the confidentiality, integrity, and availability of corporate and personal data by contributing to modern network protection strategies and supporting the adoption of advanced security technologies to defend against evolving threats.

Responsibilities

Your Work

In this role, you will:

• Architect and deploy advanced network security solutions, including firewalls, intrusion prevention systems (IPS), secure web gateways, and DNS protection.
• Architect, implement, and support network security solutions including firewalls, intrusion prevention systems (IPS), secure web gateways, DNS protection, and DDoS mitigation across enterprise environments.
• Implement, analyze, and continuously improve network security controls for on premises, cloud, and multi-point (hybrid and distributed) architectures.
• Contribute security architecture recommendations and technology selections that protect company assets, reduce exposure to technology risk, and help prevent security incidents.
• Work toward defined strategic and operational security objectives, delivering outcomes that have measurable impact on IT Security Engineering results.
• Design and support high-availability network security solutions, considering systems design, architecture, cloud technologies, databases, open-source components, and web and mobile platforms.
• Partner with Security Defense Management and Incident Response teams to provide technical guidance, architectural options, and hands-on support during incident handling and threat mitigation.
• Collaborate with DevOps, platform, and infrastructure teams to integrate security controls into infrastructure-as-code (IaC), cloud-native environments, CI/CD pipelines, and containerized platforms.
• Develop and maintain automation scripts, playbooks, and operational runbooks for configuration management, monitoring, and incident response.
• Support the deployment and tuning of threat detection, logging, and analytics capabilities, including automation-driven and behavior-based controls.
• Provide hands-on engineering support for Cisco and Akamai security technologies, contributing to implementation, optimization, and lifecycle management.
• Mentor junior and mid-level engineers and act as a technical role model by sharing best practices, operational knowledge, and emerging network security trends.
• Continuously expand technical depth and architectural judgment in preparation for future principal-level responsibilities.

Qualifications

Your Knowledge and Experience

• Hands-on experience with Cisco security technologies such as Umbrella, Secure Access, ISE, or related platforms.
• Working knowledge of Akamai security solutions, such as Web Application Firewall and edge security services.
• Familiarity with regulatory and compliance considerations (e.g., HIPAA, GDPR, CCPA) as they relate to network security controls.
• Ability to document designs, operational procedures, and security standards clearly.
• Industry certifications such as CISSP, CCNP Security, CCIE Security, or equivalent preferred.

Required Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, a related field or equivalent experience.
• 7+ years of relevant experience in network security engineering, with demonstrated progression in scope and responsibility.
• Solid understanding of network-based threat detection, logging, and alerting concepts.
• Experience with secure remote access technologies, VPNs, NAC, and identity-aware access controls.
• Practical experience with DevOps and automation tools such as Jenkins, GitLab CI, Terraform, Ansible, and Kubernetes.
• Strong communication skills with the ability to collaborate effectively with engineering peers, architects and security stakeholders.

#LI-CP4

About the Team

About Stellarus and the Ascendiun Family of Companies

Stellarus, launched in January 2025, is designed to scale innovative healthcare solutions that support customers in creating a health care experience deserving of their family, friends, and neighbors.

Stellarus is part of a family of organizations that is overseen by a nonprofit corporate entity named Ascendiun. The Ascendiun Family of Companies also includes Blue Shield of California and its subsidiary, Blue Shield of California Promise Health Plan and Altais, a clinical services company.

Stellarus' vision is to empower its customers to create a healthcare experience that is worthy of their family, friends, and neighbors. Stellarus' objective is to offer innovative, modern, scalable solutions that challenge the health care status quo. This very closely aligns with Blue Shield of California's vision by using innovation to improve quality, affordability, and experience for members.

To achieve our mission, we foster an environment where all employees can thrive and contribute fully to address the needs of the various communities we serve. We are committed to creating and maintaining a supportive workplace that upholds our values and advances our goals.

Our Values:

At Stellarus, our core values of agility, trust, drive, courage and service shape our approach to developing innovative product offerings.

Our Workplace Model:

We believe in fostering a workplace environment that balances purposeful in-person collaboration with flexibility - providing clear expectations while respecting the diverse needs of our workforce. Our workplace model is designed around intentional in-person interaction, collaboration, connection, creativity and flexibility:

• For most teams, this means coming into the office two days per week.
• Employees living more than 50 miles from an office location, out of state employees, and employees in certain member-facing roles should work with their manager to determine in-office time based on business need.
• For employees with medical conditions that may impact their ability to work in-office, we are committed to engaging in an interactive process and providing reasonable accommodations to ensure their work environment is conducive to their success and well-being.

The Company reserves the right to require more presence in the office based on business needs, and requirements are subject to change with periodic reviews.

Physical Requirements:

Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.

Please click here for further physical requirement detail.

Equal Employment Opportunity:

External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.