Network Security Platform Engineer

Job Title

Job Title: Network Security Platform Engineer

Position type: Permanent

Location: Hybrid - Bogota
Job family: Engineering

About Your Business Area/Department:

Navitaire, an Amadeus company, is transforming the way the world thinks about travel by enabling the most successful hybrid and low-cost airlines to deliver innovative, flexible booking experiences. With over 50 airline customers globally, Navitaire offers a unique opportunity to make a significant impact on the future of travel.

Summary of the role:

As a Network Security Platform Engineer on Navitaire’s Technology Group, you will play a key role in designing and delivering scalable, reliable, and secure edge platform services. This includes network connectivity, security controls, and performance delivery mechanisms to support modern airline web applications, APIs, and serverless workloads. You’ll partner with architects and product owners to bring next-gen infrastructure to life, using infrastructure as code, CI/CD, and cloud-native patterns.

In this role you’ll:

• Engineer, maintain, and optimize cloud edge platform capabilities:
• Connectivity: VPN Gateway, Private Link, Virtual WAN, NAT Gateway, NSGs/ASGs, Routers, DNS, IPAM, Reverse Proxy.
• Security: WAAP/WAF, NGFW, Bot Protection, DDoS Protection, Account Takeover Protection, API Security, mTLS, and JWT enforcement.
• Performance: API Management, Load Balancing (DNS/L4/L7), Caching (e.g. Redis), CDN, Rate Controls, Traffic Management.

• Collaborate with architects and stakeholders to define scalable and secure Azure-native edge architecture patterns.
• Design and implement access strategies for public-facing APIs and web apps using modern identity and access controls, including OAuth 2.0, OpenID Connect, mTLS, API subscription keys, and token-based access.
• Lead or support Proof-of-Concept (POC) efforts to evaluate and onboard new edge technologies or services.
• Develop Infrastructure as Code (IaC) using tools like Terraform, ARM templates, or Bicep for provisioning edge infrastructure.
• Implement and manage CI/CD pipelines (e.g., Azure DevOps, GitHub Actions) to deploy infrastructure and security policies consistently across environments.
• Define SLIs/SLOs aligned with edge platform performance, availability, and security objectives.
• Work closely with application and API teams to ensure secure and performant delivery of services.
• Own testing, staging, and rollout strategies for edge platform changes; support change validation and rollback procedures.
• Provide onboarding, documentation, and knowledge transfers to Tier 1 & 2 teams for operational support.

About the ideal candidate:
 

Education

• BS in Computer Science, Network Engineering, or equivalent experience.
• Azure certifications preferred (e.g., AZ-700, AZ-305, SC-300, SC-100).
• Networking/security certifications (e.g., CCNA/CCNP) are a plus.

Experience

• 3+ years of platform or network engineering experience with focus on:
  • Cloud network infrastructure, hybrid connectivity, routing, DNS, reverse proxies.
  • Edge security services and policy tuning (e.g., FW ACLs, WAF custom rules, IP reputation controls, geo-blocking, header-based validation).
  • API and web performance optimization tools and services.
• 3+ years of hands-on experience with IaC and CI/CD (e.g., Terraform, ARM, Azure DevOps).
• Experience with traffic troubleshooting and diagnostic tools (Fiddler, Wireshark, TraceRoute).
• Exposure to cloud-native architectures and services (e.g., containers, messaging, identity).

Skills

• Strong knowledge of HTTP/S, TCP/IP, IPsec, DNS, TLS, and routing protocols (e.g., BGP).
• Scripting experience in PowerShell, Bash, Python, or JavaScript.
• Proficient in modern authentication methods: OAuth 2.0, OIDC, mTLS, JWT, API keys.
• Understanding of API abuse patterns like credential stuffing, scraping, slow POST.
• Familiarity with RESTful web/API patterns and modern design principles.
• Awareness of Zero Trust, least privilege, and private access models (e.g., Private Link).
• Clear communicator who can explain complex networking/security topics to mixed audiences.
• Passion for continuous learning, tech exploration, and platform ownership.

What we can offer you:

• Get rewarded with competitive remuneration, individual and company annual bonus, vacation and holiday paid time off, health insurances and other competitive benefits.
• Work from onsite. 

• Professional development to broaden your knowledge and enhance your skills with on-line learning hubs packed with technical and soft skills training that allow you to develop and grow.
• Enter a diverse and inclusive workplace, join one of the world’s top travel technology companies and take on a role that impacts millions of travelers around the globe.

Application process: 

The application process takes no longer than 10 minutes!
Create your candidate profile, upload your Resume/CV and apply today!

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.  

Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.