Network Security Engineer

About The Role

We are seeking a Network Security Engineer to design, build, and operate the network security controls that keep Cerebras's data centers, cloud environments, and corporate infrastructure secure as we scale to support the world's most demanding AI workloads. You will own the lifecycle of our firewall, segmentation, and network detection capabilities — turning policy into automated, testable infrastructure — and partner closely with Network Engineering, IT, and Security Operations to keep the environment safe and operational. The right candidate brings hands-on network security depth, an automation-first mindset, and the ability to operate across enterprise, data center, and cloud network domains.

Responsibilities

• Design and operate firewall, segmentation, and zero-trust controls across data center, corporate, and cloud (AWS) networks.
• Build and maintain network security infrastructure as code — including firewall rules, policy automation, and CI/CD-driven deployment.
• Lead network lifecycle management: design review, configuration baselines, change automation, and ongoing rule hygiene.
• Build detection capabilities for network-based attacker behaviors and partner with the Detection & Response team on response playbooks.
• Implement and operate network access controls including ZTNA, VPN, and remote access patterns.
• Drive periodic firewall rule reviews, segmentation audits, and remediation campaigns to reduce risk and complexity.
• Document network security architecture, controls, and operating procedures in clear runbooks.

Skills and Qualifications

• Master's degree or higher in computer science.
• Deep expertise with industry leading firewalls, including policy design, automation, and operations.
• Strong proficiency with infrastructure as code (Terraform, Ansible) and at least one scripting language (Python preferred).
• Hands-on experience operating network controls in a major cloud environment (AWS preferred), including VPCs, transit gateways, security groups, and cloud-native firewalls.
• Practical understanding of ZTNA, segmentation, and modern network access patterns.
• Solid fundamentals in TCP/IP, routing, switching, DNS, and TLS — with the ability to troubleshoot across the stack.
• Excellent written and verbal communication skills.