Description:
We are seeking an experienced and hands-on Senior Cloud Network Engineer to design, implement, and operate resilient, secure, and scalable networking solutions across Rubrik’s hybrid multi-cloud environment (GCP, AWS, Azure, and OCI). This role includes responsibilities for FedRAMP-compliant network infrastructure supporting Rubrik’s federal and public sector cloud offerings.
As part of our Global Infrastructure & Platform Services organization, you will serve as a senior technical contributor for cloud networking, enabling seamless and secure service connectivity across global regions and cloud platforms — including isolated, compliance-boundary environments required for FedRAMP Moderate and High authorization.
This role combines strong hands-on technical depth with collaborative cross-functional execution. You will work closely with security, platform engineering, and application teams to improve how our services connect, scale, and operate.
What You’ll Do
- Design and implement cloud networking solutions across GCP, AWS, Azure, and OCI.
- Build and maintain hybrid multi-cloud connectivity, including VPC/VNet design, peering, transit gateways, interconnects, ExpressRoute, Direct Connect, and secure tunneling.
- Support and maintain FedRAMP authorization boundaries, including network segmentation, traffic isolation, and control documentation aligned with NIST SP 800-53.
- Contribute to a unified connectivity fabric supporting multi-tenant onboarding, service segmentation, traffic routing, and policy enforcement across clouds — including dedicated GovCloud or sovereign regions.
- Implement network observability (end-to-end traffic visibility, flow tracing, correlation ID propagation) to enable diagnostics and performance analysis.
- Apply network security controls including micro-segmentation, zero trust network access (ZTNA), identity-aware routing, firewall policies, and encryption in transit — mapped to FedRAMP and NIST 800-53 baselines.
- Support service-to-service communication, protocol translation, and traffic mediation across diverse environments.
- Partner with security, SRE, and developer teams to onboard services securely and efficiently to the networking fabric.
- Collaborate with the GRC and FedRAMP compliance team to support continuous monitoring, POA&M remediation, and ATO (Authority to Operate) maintenance.
- Apply automation-first principles using Infrastructure-as-Code (Terraform, Pulumi) and CI/CD pipelines.
- Follow and contribute to networking standards, best practices, and reusable templates for consistent, scalable, and secure deployments.
- Stay current on emerging networking technologies and contribute recommendations for improving Rubrik’s infrastructure.
Experience You’ll Need
- 5+ years of experience in network engineering, with hands-on experience in multi-cloud networking.
- Experience in managing Palo Alto Network VM Series firewalls, Palo Alto Prisma
- Experience with Arista and Cisco Network Devices
- Experience with EVPN-VxLan, Arista AVD, CVP, and GitOps workflows
- Solid understanding of cloud-native networking concepts across major CSPs: AWS (VPC, TGW, Direct Connect, GovCloud), GCP (VPC, Interconnect), Azure (VNet, ExpressRoute, Azure Government), OCI.
- Experience designing and operating hybrid/multi-cloud environments with high availability and low latency.
- Strong command of load balancing, DNS, NAT, TLS termination, L7 routing, HTTP/1.1–HTTP/3, and protocol translation.
- Experience architecting or supporting FedRAMP Moderate or High environments, including network boundary definition, segmentation, and NIST SP 800-53 control implementation.
- Experience with zero trust networking and modern network security design.
- Expertise in IaC tools such as Terraform, CloudFormation, or Pulumi.
- Strong scripting skills (Python, Bash, or similar) for automation.
- Experience with observability and telemetry tools (OpenTelemetry, FluentBit, Prometheus, Grafana, Datadog).
- Excellent communication and leadership skills; ability to collaborate and influence across engineering and infrastructure teams.