Senior Network Security Engineer

As a Senior Network Security Engineer specializing in Network and Endpoint Security, you will design, implement, and maintain security solutions to protect our organization's infrastructure and data security. You'll focus on:

1. Implementing and improving endpoint detection and response (EDR) and Data Loss prevention (DLP) technologies.
2. Securing network traffic, and driving key initiatives to enhance our overall network security posture.
3. Maintaining security aspects of our Software-Defined Networking solution, Firewall and VPN.

This is a fully remote role, with the option to work from anywhere within Canada. If you're excited about designing and securing the future of data, we’d love to have you on our team!

The Impact You’ll Have

• Endpoint Security:
  • Deploy and manage Endpoint Detection and Response (EDR) and endpoint and or cloud based Data Loss Prevention (DLP) solutions.
  • Investigate and remediate endpoint threats while ensuring compliance with security policies.
• Network Security: 
  • Architect, implement, and maintain firewalls, VPNs, and proxies to secure network communication.
  • Implement "always-on" VPN solutions, including strategies for egress and ingress traffic filtering, split tunneling, and secure access controls.
  • Enhance DNS security using Cisco Umbrella or similar DNSSEC tools.
  • Monitor, analyze, and secure network traffic to prevent unauthorized access and data breaches.
  • Design and maintain security policies for Software Defined Networking (SDN) environments.
  • Ensure effective egress and ingress filtering across cloud and on-premises environments.
• AWS Network Security:
  • Implement and manage AWS-native security solutions, including AWS WAF (Web Application Firewall), AWS Shield, and AWS Firewall Manager.
  • Configure and optimize AWS Security Groups, Network ACLs, and VPC flow logs to ensure secure and efficient network operations.
  • Leverage AWS CloudTrail and AWS Config to monitor and enforce security compliance across AWS environments.
  • Implement secure architecture patterns for AWS services, including secure configurations for API Gateway, ALB/ELB, and private connectivity using AWS PrivateLink.
  • Deploy and manage traffic inspection solutions, such as AWS Network Firewall and third-party security appliances, within AWS environments.
• Network Protocol Expertise:
  • Analyze and secure communication protocols (e.g., TCP/IP, HTTP, HTTPS, DNS, SSL/TLS) to safeguard against vulnerabilities.
  • Implementing IPSec and SSL VPN based solutions.
  • Perform deep packet inspection to identify and mitigate threats in real-time.
  • Identify and address network misconfigurations or design flaws to strengthen the overall security architecture.
• Secure Remote Work:
  • Develop and deploy security solutions tailored to remote work environments.
  • Ensure secure configurations for "always-on" VPNs and split-tunneling scenarios.
• Incident Response:
  • Collaborate with the Security Operations Center (SOC) for network and endpoint incident investigations.
  • Lead post-incident analysis and recommend preventive measures.
• Collaboration & Compliance:
  • Work with cross-functional teams to support regulatory compliance initiatives.
  • Educate staff on security best practices and enhance the security culture across the organization.

Who You Are: 

• A minimum of 5 years related experience with a Bachelor’s degree; or 3 years and a Master’s degree; or a PhD with 2 years’ experience; or an equivalent combination of related education and work experience.
• Proven experience with endpoint security tools (e.g., CrowdStrike, Carbon Black, or similar).
• 3+ years hands-on experience working with network security technologies: firewalls, VPNs, proxies, and DNS security solutions like Cisco Umbrella.
• Strong understanding of secure network architecture and protocols (e.g., TCP/IP, DNS, HTTPS, VPN).
• 3+ years Experience implementing and managing egress and ingress traffic filtering strategies, including split tunneling configurations.
• 2+ years hands-on experience with Software Defined Networking (SDN) is a significant advantage.
• 2+ years expertise in AWS-native security services (e.g., AWS WAF, AWS Shield, AWS Firewall Manager, AWS Network Firewall).
• Excellent communication and collaboration skills.

Nice-to-Haves

• Familiarity with cloud security frameworks and tools (e.g., AWS Well-Architected framework).
• Knowledge of regulatory frameworks such as PCI-DSS, GDPR, or ISO 27001.
• Experience with packet analysis tools (e.g., Wireshark, tcpdump) for troubleshooting and threat detection.

Your Manager

• Sam Halvaei

Recruiter For This Role

• Kayla Osuna

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. 

When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location. The new-hire base salary range for this position, reflected in CAD,  is: 119,400 - 149,300.

We also believe in recognizing the contributions of our people. That's why we award annual bonuses to eligible employees, rewarding both individual performance and the success of the entire company.

Along with monetary compensation, Marqeta offers

• Multiple health insurance options
• Flexible time off – take what you need
• Retirement savings program with company contribution
• Equity in a publicly-traded company 
• Monthly stipend to support our remote work model
• Annual “development dollars” to support our people growth and development
• Family-forming benefits and up to 20 weeks of Parental Leave

About Marqeta

Marqeta is on a mission to change the way money moves. We’re one of the earliest enablers of embedded finance, a market opportunity sized up in the trillions. Our card issuing platform provides unprecedented flexibility and control for companies to issue cards, authorize transactions, and manage payment operations in real time. Marqeta is powering the most well known brands in the new economy (Block, Cash App, Affirm, Instacart, Doordash, Uber, Walmart, etc). You don’t need to be a Payments expert to join the Marqeta Team, let us help you with that.  This is the opportunity of a lifetime to work with innovators around the world and unlock equitable financial access for all.

Marqeta’s Values

– Intentional Curiosity: We believe in asking the questions others shy away from. True progress comes from understanding today’s realities while challenging ourselves to do better and take on the status quo. 

– Thoughtful Responsibility: We believe that every interaction with our technology and platforms matters. Businesses and livelihoods rely on our work, so we strive for excellence and accountability every day with the highest standards for failsafe technology and compliance.

– Innovative Simplicity: We believe that simplicity is powerful, especially in innovation—making a tool work better or finishing that feature that makes everyone smile. Our customers face a lot of complexity. We’re not here to add more.

– Shared Success: We believe the measure of our success is the success of our employees, customers, and communities. From local businesses to big corporations, our impact goes deep and wide. And we’ve got the results to prove it.

– Passion to Thrive: We believe anyone with a better idea should be able to change the game for our company and our customers. We solve big problems for our customers and draw energy from that challenge and opportunity.

Equal Employment Opportunity, Accommodations and Privacy 

Marqeta is proud to be an equal opportunity employer that gives consideration to all qualified applicants regardless of race, ancestry, national  origin, color, Indigenous, citizenship, religion/creed, sex, sexual orientation, gender identity, gender expression marital status, family status, disability, veteran status, criminal histories consistent with legal requirements, or any other characteristic protected by applicable law. 

Our dedication to diversity and inclusion extends beyond the categories above. Review Marqeta’s ESG Report to see that dedication in action. Fostering an environment where everyone feels valued and respected creates a stronger and more innovative team at Marqeta. We celebrate the unique contributions of each individual and empower all members of our organization. Join us in building a company where diversity thrives and everyone can be their authentic selves.

If you require reasonable accommodation for the application process and beyond (including due to a disability), please submit this form and we will be more than happy to assist you. Marqeta will make reasonable accommodations for candidates when needed in accordance with applicable law. The Applicant and Candidate Privacy Notice applies to the personal data that you directly provide to us or that we collect during the application and candidate recruitment process.