Cruise's Network Access Engineering team is seeking a Staff Network Security Engineer to help architect, build and operate secure, scalable access networks across our growing global footprint of facilities. You will be essential for ensuring Cruise's network designs are secure and that we've an effective, consolidated network automation strategy encompassing observability, device lifecycle management, security policy and vulnerability remediation.
As a network security SME, you'll have strong, influential opinions on networking and network access security, ensuring Cruise's network architectures have security baked-in as a basis of their designs. Your scope includes identity management, access-layer network controls, policy management & enforcement, remote client VPN system strategy & architecture, endpoint vulnerability identification & remediation, and edge access policy dissemination.
Key responsibilities:
- Create and maintain standards-based network designs for Cruise's access network infrastructure
- Shape a convergence strategy for our current mix of Cisco, Arista, Palo Alto, Fortinet and Aruba network equipment
- Create, manage, and maintain access network infrastructure documentation
- Identify, build and mature common access network workflows and design
- Help build, maintain, and automate Cruise's global network, focusing on secure authentication and authorization mechanisms
- Own the remediation of security vulnerabilities, including implementing network access controls
- Design and implement robust network security policies and procedures through centralized management and automation of network devices
- Participate in an on-call rotation
Required qualifications:
- Experience running and guiding network operations and observability initiatives
- Senior resource in a network operations team supporting Cisco, Arista, Palo Alto, Fortinet and Aruba platforms
- Expertise in engineering and deploying access layer connectivity and their policies via scalable automation (CI/CD)
- Expertise in managing and utilizing network monitoring systems and integrating them for automation consumption and triggering
- Expert knowledge of network security best-practices and design patterns
- Experience with understanding of SRE best practices and experience with publishing service SLOs
- Hands-on knowledge and troubleshooting experience of L2 and L3 networking and routing protocols
- Expert level knowledge of edge firewall technologies, remote VPN solutions, and SASE & SD-WAN architectures
- Expert experience with engineering and delivering solutions in 3 or more automation languages and platforms/technologies
If you're passionate about building and operating the global network that supports our autonomous driving mission, this role offers an exciting opportunity to make a significant impact in a cutting-edge technology company.