Note: The job is a remote job and is open to candidates in USA. Hard Rock Digital is focused on becoming the best online sportsbook, casino, and social gaming company in the world. They are seeking a Principal Cloud & Network Security Engineer to own security across their cloud footprint and implement network security measures, ensuring a secure environment for millions of players.
Responsibilities
- Own cloud security posture and runtime protection across AWS, Azure, and GCP using Wiz and modern runtime protection tooling — from finding misconfigurations to driving them to closure and catching threats at runtime. You own infrastructure-layer and configuration risk end to end, partnering with our Principal Product Security Engineer, who owns the application and dependency vulnerability lifecycle
- Define and maintain secure configuration baselines and guardrails so new cloud resources are safe by default
- Partner with SecOps to feed high-quality cloud signals into our detection and response pipeline
- Design and implement network segmentation and east-west controls that limit blast radius across our environments
- Advance Zero Trust network access using Cloudflare Access, private connectivity, and service-to-service authentication (including mTLS where it fits) — partnering with our Principal Identity Engineer on the identity signals those policies consume
- Align our network posture to NIST SP 800-207 and the CISA Zero Trust Maturity Model (Networks pillar)
- Own the security configuration of our Cloudflare edge — WAF, Bot Management, and DDoS protections — plus our broader Cloudflare Zero Trust deployment, protecting Hard Rock Bet, our customer-facing sportsbook and casino
- Tune protections to stop abuse and attacks without blocking real players
- Build policy-as-code and Terraform guardrails, and embed infrastructure-as-code security scanning (Wiz Code) into CI/CD pipelines — you own the infrastructure-scanning side of the pipeline; our Principal Product Security Engineer owns application and dependency scanning
- Partner closely with platform and infrastructure teams to make secure infrastructure the default path, not an afterthought
- Automate the boring parts so security scales with a fast-moving engineering org
- Act as the design authority for cloud, network, and edge security — setting standards, mentoring security and platform engineers, and driving alignment across teams you don't manage
Skills
- 10+ years in cloud, network, or infrastructure security engineering — or equivalent practical experience
- Deep, hands-on expertise in at least one major cloud (AWS strongly preferred), with working knowledge of a second
- Experience with cloud security posture and runtime protection tooling (Wiz or equivalent CNAPP/runtime tooling) at scale
- Strong network security fundamentals: segmentation, firewalls, ZTNA, and secure connectivity patterns
- Hands-on experience with edge/WAF/CDN protection (Cloudflare a strong plus)
- Infrastructure-as-Code proficiency (Terraform), a policy-as-code mindset, and scripting/automation skills (Python, Bash, or Go) — comfortable working in CI/CD pipelines
- A track record of leading through influence — you set technical direction across teams you don't manage, and you can explain a network path to an engineer and a risk to an executive
- Fluency with AI — you lead with it, reaching for AI tools daily to work faster and sharper; hands-on experience applying AI to security or engineering work is a must
- Experience in a regulated industry (gaming, financial services, healthcare) — especially PCI DSS network segmentation and scoping, or GLI-19/GLI-33 requirements
- Deep Cloudflare experience across WAF, Bot Management, Access, and the Zero Trust suite
- Experience securing containers and orchestration — Kubernetes network policy, service mesh, or workload identity
- Relevant certifications (e.g., AWS Security Specialty, CCSP, GIAC cloud/network security)
- Experience deploying DNSSEC (or DNS-layer security controls) across a production, multi-zone estate
Benefits
- Competitive pay and benefits
- Flexible vacation allowance
- A hybrid / remote working environment
- Startup culture backed by a secure, global brand
Company Overview
Company H1B Sponsorship