Sr. Network Security Engineer

CentralReach is the #1 provider of SaaS software solutions for autism and IDD care. Trusted by more than 150,000 users, we enable therapy providers, educators, and employers to scale the way they deliver Applied Behavior Analysis and related therapies with innovative technology, market-leading industry expertise, and world-class customer satisfaction. 

The Security team at CentralReach innovates security solutions with the guiding principles to keep our cloud infrastructure secure and support the business by doing so.  

The Sr. Network Security Engineer will be responsible for securing cloud infrastructure (mainly in AWS), platforms and applications, and will support and work alongside DevOps/Engineering to maintain and upgrade our cloud environments, while using industry best practices. The Sr. Network Security Engineer will work with other stakeholders to implement security processes and help us shift left and build strong foundations for our DevSecOps cycles.  

This role is remote eligible, but will require quarterly travel for team on-sites.

Key Accountabilities: 

• Create security architecture and design patterns for CR services based on industry best practices. 
• Advise development teams throughout the secure SDLC process on security-related domains. 
• Develop security solutions/tools/configurations that can be leveraged by CR teams for various security-related use cases such as enabling secure remote access, improving the security posture of cloud services, etc. 
• Build threat detection rules and auto-remediation capabilities to mitigate the identified threats at scale. 
• Develop security requirements and standards in collaboration with technical teams to safeguard the Internal as well as customer-facing cloud infrastructure, applications, and data.
• Support day-to-day execution of security processes in areas related to perimeter and endpoint security, cloud security posture management, vulnerability management, security observability, and security operations. 
• Leverage coding skills and experience working with Infrastructure as code (IaC) pipelines to develop, manage, and govern cloud security solutions and safeguards on the AWS platform. 
• Strongly contribute to security initiatives and projects. 
• Deep technical knowledge and experience identifying triaging and remediating application vulnerabilities, including OWASP top 10. 
• Strong knowledge of cloud technologies and cloud infrastructure, including networking, VPCs, TGWs, VPNs, DNS in AWS.
• Manage infrastructure level security capabilities e.g., firewalls, DDoS protection, network/fault domain isolation, IAM policy generation and enforcement, user/resource movement monitoring within the cloud environment and other access controls.

Desired Skills and Experience:  

• Bachelor’s degree in computer science (or equivalent). 
• At least one current security-oriented certification (ex: CISSP, CSSP, CISM, CISA, CEH etc.,) is required. 
• 4+ year experience in application security engineering. 
• Hands-on experience implementing, managing, and monitoring …