Platform Security Engineer 2
About the role
Independently implement and maintain vDefend distributed firewall policies and NSX micro-segmentation rules for moderate-complexity environments.
Administer Identity Broker integrations, federation trusts, and access policy mappings across platform services.
Enforce platform security baselines and hardening standards for VCF management and workload domains.
Conduct recurring security configuration reviews and partner with engineering teams on remediation planning.
Assist in developing reusable policy standards, segmentation templates, and security implementation patterns.
Support integration of platform security controls with VCF tools such as Aria Operations, Automation, and logging/monitoring workflows.
Contribute to compliance guardrails by mapping platform configurations to CIS, NIST, and internal control requirements.
Participate in root cause analysis for security incidents and recurring control failures.
Provide operational guidance to Platform Security Engineer I staff and peer teams.
Responsibilities
- Independently implement and maintain vDefend distributed firewall policies and NSX micro-segmentation rules for moderate-complexity environments.
- Administer Identity Broker integrations, federation trusts, and access policy mappings across platform services.
- Enforce platform security baselines and hardening standards for VCF management and workload domains.
- Conduct recurring security configuration reviews and partner with engineering teams on remediation planning.
- Assist in developing reusable policy standards, segmentation templates, and security implementation patterns.
- Support integration of platform security controls with VCF tools such as Aria Operations, Automation, and logging/monitoring workflows.
- Contribute to compliance guardrails by mapping platform configurations to CIS, NIST, and internal control requirements.
- Participate in root cause analysis for security incidents and recurring control failures.
- Provide operational guidance to Platform Security Engineer I staff and peer teams.
Requirements
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field; or equivalent practical experience.
- Minimum 3 years of experience in infrastructure security, systems security, network security, or virtualization engineering.
- Experience with firewall rule administration, segmentation, and IAM in enterprise environments.
- Working knowledge of VMware vSphere and experience with at least one of the following: NSX, vDefend, SSO/federation, or policy enforcement platforms.
- Working knowledge of compliance frameworks such as CIS and NIST.
- Experience with scripting, automation, or configuration validation.
Qualifications
- Hands-on experience with VMware NSX and/or vDefend in production.
- Exposure to Azure, AWS, or hybrid cloud security concepts such as shared responsibility, cloud IAM, and security baselines.
- Familiarity with VCF lifecycle, SDDC Manager, Aria Operations, Aria Automation, or related platform tooling.
- Experience with policy-as-code or configuration-as-code tools such as OPA, Sentinel, Terraform, or Ansible.
Skills
- Security+
- VMware VCP
- SC-900
- AZ-500
Benefits
- Comprehensive benefits package including medical, dental, vision, short and long-term disability, life insurance, an employee assistance program, paid time away, parental leave, paid holidays, a retirement savings plan with employer match, employee referral bonus and tuition reimbursement.
Pay
The expected compensation range for this position depends upon skills, experience, education and geographical location.
Schedule
This on-site role supports 24/7 operations through real-time collaboration, standard shifts occur within a 6:00 AM - 6:00 PM window, Monday through Friday. Additionally, this position requires scheduled on-call flexibility and the ability to remain reasonably reachable during off-hours for critical business continuity.
Preferred Qualifications
- Hands-on experience with VMware NSX and/or vDefend in production.
- Exposure to Azure, AWS, or hybrid cloud security concepts such as shared responsibility, cloud IAM, and security baselines.
- Familiarity with VCF lifecycle, SDDC Manager, Aria Operations, Aria Automation, or related platform tooling.
- Experience with policy-as-code or configuration-as-code tools such as OPA, Sentinel, Terraform, or Ansible.
Required Qualifications
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field; or equivalent practical experience.
- Minimum 3 years of experience in infrastructure security, systems security, network security, or virtualization engineering.
- Experience with firewall rule administration, segmentation, and IAM in enterprise environments.
- Working knowledge of VMware vSphere and experience with at least one of the following: NSX, vDefend, SSO/federation, or policy enforcement platforms.
- Working knowledge of compliance frameworks such as CIS and NIST.
- Experience with scripting, automation, or configuration validation.
Company Beliefs
We are committed to the principles of employment equity. We are an Affirmative Action and Equal Opportunity Employer.
Equal Opportunity Employer
We consider all qualified applicants, regardless of criminal histories, arrest and conviction records.