Senior Network Security Engineer

At GFiber, we believe that great internet has the power to drive innovation, strengthen communities, enable the impossible, and do all the everyday things that make all of our world go round. And the job of creating better internet is never done - so we’re growing! Our team is committed to building a place where people who want to make a difference can grow their careers and find their spot to belong.

GFiber is an Alphabet company that brings Google Fiber and Google Fiber Webpass internet services to homes and businesses across the United States. Our teams are expanding as we connect more cities and people to exceptional internet.

The application window will be open until at least June 27, 2025 This opportunity will remain online based on business needs which may be before or after the specified date.

The GFiber security engineering team ensures the security of our infrastructure and tools across the company. We partner with engineering, network, application, and cloud development teams to protect our network and systems, which are critical for delivering reliable internet service. As a Senior Network Security Engineer, you'll be a core contributor, specifically focused on designing, implementing, and maintaining robust security controls directly within our network infrastructure. Your expertise will be vital in strengthening our overall security posture and ensuring the continuous reliability of GFiber's services against evolving threats.

Role Description

We are seeking a highly skilled and proactive Senior Network Security Engineer to architect, implement, and manage advanced security solutions for GFiber's large-scale network infrastructure. You will be a primary contributor to defining and enforcing network security policies, identifying and mitigating vulnerabilities, and responding to security incidents. This role demands deep expertise in network protocols, security technologies (e.g., firewalls, IDS/IPS, VPNs, DDoS mitigation), and automation, with a strong focus on protecting critical infrastructure and ensuring compliance. You will serve as a subject matter expert, providing security guidance, conducting risk assessments, and collaborating with cross-functional teams to build and maintain a secure and reliable network.

In this role, you'll:

• Design, implement, and maintain network security across various network types, including deploying and managing firewalls, IDS/IPS, VPNs, and DDoS mitigation platforms.
• Develop  and enforce network security policies, conducting security assessments, vulnerability scans, and penetration tests, and leading remediation efforts.
• Secure and optimize routing and switching protocols (e.g., BGP, MPLS, VXLAN) and have driven network security automation using scripting languages like Python, Ansible, and Bash.
• Perform network security troubleshooting, incident response, and forensic analysis.
• Collaborate  with various teams (engineering, operations, cloud security) to integrate security from the start and create comprehensive network security documentation.

At a minimum we'd like you to have:

• Bachelor's Degree in Computer Science, Electrical Engineering, Cybersecurity, or a related technical field, or equivalent practical experience.
• 7 years of experience in network security engineering, specifically in designing, implementing, and operating security controls for large-scale production networks.
• Proficient with network protocols (TCP/IP, routing, switching) and their security implications, alongside hands-on experience with leading firewall technologies (Palo Alto, Juniper, Cisco).
• Proven experience with intrusion detection/prevention systems (IDS/IPS), various VPN solutions (IPsec, SSL VPN), and DDoS mitigation techniques.
• Experience with at least one scripting or automation language (e.g., Python, Ansible, Bash) for network security automation, configuration management, and data analysis.

It's preferred if you have:

• Professional security certifications (e.g., CISSP, SANS GIAC certifications like GSEC, GCIA, GCIH; CCNP Security, JNCIP-SEC).
• Experience with security in an ISP or telecommunications environment.
• Familiarity with cloud networking concepts and securing network architectures 
• Experience with network access control (NAC) solutions.
• Knowledge of compliance frameworks (e.g., NIST, ISO 27001, CIS) and experience in implementing controls to meet these requirements.
• Proven ability to lead complex technical security projects and drive cross-functional initiatives.

The US base salary range for this full-time position is between $157,000 - $230,000 + bonus + cash award + benefits. As pay varies by location, your recruiter will share more about the specific salary range for your targeted location during the hiring process.

GFiber is committed to equal opportunity employment regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, citizenship, marital status, disability or Veteran status. Disclosure is voluntary, and this information will be kept confidential in compliance with Google's Candidate Privacy Policy. For more information please refer to our Equal Employment Opportunity Policy and the EEOC's "Know your rights: workplace discrimination is illegal" (PDF). 

It's important to us to create an accessible, inclusive workplace for everyone. If you have a need that requires accommodation, please let us know by completing our accommodations for applicants form. Our candidate accommodations team will then connect with you to confidentially discuss your options.