Senior Security Engineer, Networking

As an Infrastructure Security Engineer focused on networking you’ll be joining the Infrastructure Security Team, you can expect to be deeply involved in strategic discussions on how we secure and optimize our network infrastructure. This includes designing and implementing robust network security solutions, monitoring network traffic for threats, and collaborating with cross-functional teams to ensure our network remains secure and resilient. You will set the direction for Klaviyo’s engineering teams with a Security First focus on network and cloud infrastructure.

How You Will Make a Difference

• Provide technical leadership that drives technology choices and architectural decisions across multiple teams, offering solutions for complex problems around network security standards and best practices.
• Design, implement, and manage network security solutions, including next-generation firewalls, IDS/IPS, and VPNs to protect Klaviyo's global network infrastructure.
• Monitor and analyze network traffic using advanced tools to detect and respond to security incidents, ensuring timely mitigation of threats.
• Implement and advocate for network segmentation and zero trust architectures, reducing attack surfaces and preventing lateral movement within the network.
• Manage and secure cloud network infrastructures, focusing on VPC configurations, security group policies, and network access controls in AWS, GCP, and Azure.
• Automate network security tasks using scripting and infrastructure as code tools to increase efficiency and reduce the potential for human error.
• Conduct regular network security assessments and penetration tests, identifying vulnerabilities and driving remediation efforts.
• Collaborate closely with Klaviyo's Engineering, IT, and Product teams to integrate network security into all aspects of our systems and services.
• Develop and enforce network security policies and procedures, ensuring compliance with industry regulations such as PCI DSS, GDPR, and SOC 2.
• Educate and mentor team members on network security best practices, fostering a culture of security awareness and continuous improvement.
• Stay ahead of emerging network security threats and technologies, adapting strategies to proactively mitigate risks.

Who You Are

• Have 4+ years of experience in network security engineering and infrastructure protection.
• Security domain expertise in designing, implementing, and managing secure network infrastructures in both on-premises and cloud environments.
• Achieved certifications or participated in advanced training on network security (e.g., CISSP, CCNP Security, CCIE Security, GIAC GSEC, or equivalent).
• Proven experience with enterprise-grade firewall platforms (e.g., Palo Alto Networks, Cisco ASA/Firepower), IDS/IPS technologies, and VPN solutions.
• Deep understanding of network protocols and technologies, including advanced routing and switching concepts.
• Experience securing cloud network environments, with hands-on knowledge of AWS networking services like VPCs, Transit Gateways, and security groups.
• Familiarity with network automation and scripting, using tools like Ansible, Python, or similar to streamline security processes.
• Knowledge of zero trust principles and experience implementing network segmentation strategies.
• Strong analytical and problem-solving skills, with experience in threat detection, incident response, and vulnerability management.
• Excellent communication and teamwork abilities, capable of articulating complex security concepts to technical and non-technical stakeholders.
• Passionate about staying current with the latest network security trends and technologies, and applying them to enhance our security posture.