Senior Site Reliability Engineer - Network Infrastructure and Security

Swirlds Labs

Swirlds Labs

Software Engineering, Other Engineering
Remote
Posted on Nov 5, 2024

About Hashgraph:

Hashgraph is a fast-growing software company committed to supporting, developing and servicing Hedera, an open source, proof-of-stake platform. Hedera is EVM-compatible and has been specifically built to meet the needs of enterprise and Web3 applications, which require speed, security, stability and sustainability. Hedera’s public network is governed by industry-leading organizations, spanning 11 sectors and 14 regions who oversee the development and direction of the decentralized platform.

About the role:

We are seeking a seasoned Site Reliability Engineer (SRE) specializing in network infrastructure to join our team. In this role, you will be pivotal in supporting our scalable and resilient platform infrastructure, focusing on networking, load balancing, firewalls, VPNs, and overall security. Working closely with the Head of SRE, you will play a crucial role in developing and maintaining a secure, efficient, and high-performing environment, ensuring our infrastructure meets the highest standards of security and availability.

This is an opportunity to shape a greenfield project at the cutting edge of decentralized enterprise systems, and cloud technologies, partnering with globally distributed teams and contributing to a highly scalable, mission-critical infrastructure. If you have a deep understanding of networking, hands-on experience with site-to-site VPN, and a passion for infrastructure automation and security, we would love to hear from you.

Responsibilities:

  • Lead the Design, Implementation, and Maintenance of Secure Access Controls. Ensure only authorized enterprise customers or consortia can access private application data across multi-cloud environments.
  • Set Up and Maintain Secure Network Infrastructure. Configure and manage VPCs, network security groups, and peering to isolate the application from the public internet, ensuring secure communication for client access.
  • Architect Private Network Pathways for Enterprise Clients. Implement secure, private network pathways using solutions like VPNs, PrivateLink (AWS), Private Endpoint (Azure), and Private Google Access (GCP) to meet client requirements.
  • Implement Robust Authentication and Authorization Mechanisms. Deploy authentication and authorization tools, such as Single Sign-On (SSO) and Role-Based Access Control (RBAC), specifically tailored to enterprise clients.
  • Develop and Enforce Access Control Policies. Create policies to restrict and monitor application access, leveraging IAM, site-to-site VPNs, network firewalls, and other cloud-native security tools.
  • Serve as the Primary Technical Contact for Blockchain Deployments. Act as the main point of contact for enterprise customers interested in deploying private blockchains, providing guidance on secure access setup and support.

Qualifications / Experience must have:

  • 5+ years of experience in cloud infrastructure, security, and network architecture, focusing on multi-cloud environments (AWS, Azure, GCP).
  • Proven experience in designing and implementing VPCs, network security groups, VPNs, firewalls, and peering for enterprise-grade applications.
  • Proficiency in multi-cloud access control mechanisms such as AWS PrivateLink, Azure Private Endpoint, and Google Private Access, as well as VPN configurations for secure customer connections.
  • Experience with cloud-native security tools for monitoring and auditing access control policies and network security.
  • Solid experience with automation and configuration management tools such as Terraform, Ansible, or similar.
  • Certifications in cloud and security (e.g., AWS Certified Solutions Architect, Google Cloud Professional Cloud Architect, Microsoft Certified: Azure Solutions Architect Expert, Certified Information Systems Security Professional (CISSP)) are a plus.
  • Familiarity with blockchain and distributed ledger technology implementations in a private or consortium model is a plus.

Qualifications / Experience nice to have:

  • Familiarity with containerization and orchestration tools, such as Docker and Kubernetes, as they relate to networking.
  • Certifications in cloud networking (AWS Advanced Networking, GCP Network Engineer) or security (CISSP, CISM).
  • Experience with multi-cloud architectures and hybrid cloud environments.
  • Knowledge of observability tools for network monitoring (e.g., OpenTelemetry, Prometheus).
  • Understanding of compliance frameworks such as SOC 2, ISO 27001, or similar in network operations.