Senior Security Engineer

Aalyria

Senior Security Engineer at Aalyria, focusing on cloud infrastructure, network security, and compliance for defense and federal customers. Collaborating with teams to secure innovative aerospace communications technology.

Posted 6/25/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $170,000 - $200,000 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudDNSFirewallsGoogle Cloud Platform

About the role

Key responsibilities & impact

Design, implement, and manage secure cloud networking architectures including VPCs, subnets, peering, and transit gateways across GCP, AWS, or Azure
Configure and maintain cloud-native firewall rules, security groups, network ACLs, and perimeter controls to enforce least-privilege traffic policies
Implement and manage cloud security posture management (CSPM) tooling and continuously remediate misconfigurations across cloud environments
Design and operate network segmentation and micro-segmentation strategies aligned with zero trust architecture principles
Manage and harden cloud IAM, including role definitions, service account policies, privileged access controls, and just-in-time access
Manage next-generation firewall (NGFW) platforms, including policy development, rule lifecycle management, and traffic inspection configurations
Implement and maintain IDS/IPS, DNS security, and network monitoring solutions to detect and respond to threats
Conduct regular firewall rule reviews and access path analysis to identify and remediate overly permissive configurations
Design, implement, and operate PKI infrastructure including certificate authorities, certificate lifecycle management, and trust store management
Administer and enforce access control policies across identity providers (IdPs), directory services (Active Directory / LDAP), and SSO platforms
Implement and maintain multi-factor authentication (MFA), privileged access management (PAM), and role-based access control (RBAC) systems
Ensure cryptographic implementations meet FIPS 140-2/140-3 requirements and federal standards
Conduct continuous monitoring, log review, and evidence collection to support compliance audits and third-party assessments

Requirements

What you’ll need

5+ years of experience in cloud infrastructure security, network security, or IT systems engineering with a security focus
Hands-on experience securing cloud environments in GCP, AWS, or Azure, including networking, IAM, and logging controls (GCP strongly preferred)
Demonstrated experience designing and managing cloud network security controls: firewalls, security groups, VPC/VNet architecture, and traffic inspection
Proficiency with next-generation firewalls (e.g., Palo Alto, Fortinet, or cloud-native equivalents) including policy management and traffic analysis
Working knowledge of PKI concepts, certificate lifecycle management, and cryptographic protocols (TLS, mTLS, FIPS 140-2/3)
Hands-on experience implementing and managing IAM, PAM, MFA, RBAC, and SSO systems in enterprise or federal environments
Direct experience implementing technical controls for CMMC L2, FedRAMP, or NIST 800-171 compliance programs
Strong understanding of zero trust architecture principles and practical implementation across hybrid environments
Experience with SIEM platforms, log aggregation, and security monitoring for infrastructure and network event data

Benefits

Comp & perks

Competitive salary
Comprehensive benefits (401(k), dental, vision, health, life insurance)
Paid time off
Equity options
Flexible working arrangements including hybrid remote/in-office schedules

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud infrastructure securitynetwork securityIAMfirewallsPKIMFAPAMRBACtraffic inspectionzero trust architecture

Certifications

CMMC L2FedRAMPNIST 800-171FIPS 140-2FIPS 140-3