Hirebridge

Sr. Cloud Network Security Engineer

Hirebridge, Dallas, Texas, United States, 75215


Aspira has been the market-leading provider of software and services that help public agencies protect natural and cultural resources while making them accessible for all. Our platform supports everything from campground reservations to hunting licenses, helping millions of people discover, enjoy, and care for the outdoors. We share our client partners’ mission: to steward resources for future generations, create opportunities for genuine enjoyment of the outdoors today, and expand access so more people can experience its benefits.

Aspira is transforming its technology and service model to give agencies more capacity and insight—streamlined tools, smarter automation, and better connections with their communities. Our goal is simple: make it easier for our clients to conserve what matters most and for their customers to enjoy it to the fullest.

The Ideal Candidate

The Senior Security Cloud Network Engineer is a hands-on subject matter expert responsible for implementing and operating secure hybrid-cloud network infrastructures across AWS and on-premises environments. Reporting to the Director of Information Security, this role executes Aspira’s security strategy by delivering resilient, scalable, and compliant cloud networking solutions, while providing Tier 3 technical depth to the broader security and operations teams. This role translates security strategy into practical, operationalized cloud and network controls.

Key Responsibilities

Design and implement secure connectivity across AWS VPCs, Transit Gateway, ExpressRoute, and Direct Connect, in alignment with policies and standards defined by the Director of Information Security.
Support hybrid integration of Dallas and China office networks with AWS workloads through site-to-site VPNs, IPSec tunnels, and Direct Connect.
Enforce segmentation strategies (subnets, VLANs, security groups, NACLs) using AWS Network Firewall for cloud workloads and Palo Alto/Cisco ASA for on-prem environments, aligned with zero-trust principles.

Network Security

Configure and manage next-gen firewalls (Palo Alto Panorama, Cisco ASA/Meraki, Fortinet) across cloud and on-prem environments.
Deploy and operate AWS-native firewall/security controls (AWS Network Firewall, WAF, Shield).
Implement and tune intrusion detection, DDoS mitigation, and endpoint-aware access policies under guidance from the Director.
Ensure all logs, flows, and firewall telemetry are ingested into SIEM platforms (Rapid7, LogRhythm, Splunk) as required by security governance.
Utilize AWS CloudWatch, CloudTrail, GuardDuty, and Security Hub for visibility and detection.
Tune and maintain security alerts for anomalies, IAM misconfigurations, and suspicious traffic.
Act as Tier 3 escalation point for complex network/security incidents, reporting incident summaries and remediation outcomes back to the Director of Information Security.
Provide technical evidence and reporting to support audits, insurer requirements, and customer security reviews.
Support compliance frameworks (NIST, PCI, SOC 2, CIS benchmarks) with security controls and operational evidence.
Contribute to security KPIs, including SIEM coverage across assets, MTTR for incidents, and SLA compliance for patching.

Automation & Infrastructure as Code

Build and manage Infrastructure as Code (Terraform, Ansible, CloudFormation) for secure, repeatable deployments.
Embed automated security controls into CI/CD pipelines under direction of the Director’s security roadmap.
Continuously optimize cost and performance of cloud networking through automated enforcement of routing, peering, and inspection policies.
Partner with DevOps, IT Ops, and AppSec teams to integrate secure networking into projects and migrations.
Mentor junior engineers and analysts, aligning daily practices with security policies and standards.
Provide architecture recommendations to the Director of Information Security and contribute input during design reviews.

Qualifications

7-10 years in network engineering, with at least 4+ years in cloud networking/security.
Deep technical knowledge of AWS (VPC, Transit Gateway, Direct Connect, GuardDuty, Security Hub).
Hands-on experience with Palo Alto (Panorama), Cisco ASA/Meraki, and Fortinet firewalls.
Strong understanding of routing (BGP, OSPF), load balancing, and hybrid troubleshooting.
Proficiency in automation/scripting (Terraform, Ansible, Python, Bash, CloudFormation).
Familiarity with compliance standards (NIST 800-53, PCI DSS, SOC2, CIS).
Preferred certifications: AWS Security Specialty, AWS Advanced Networking Specialty, PCNSE, CCNP Security.
