Network Security Engineer

HealthEquity

  • Palo Alto, CA
  • $96,500-145,000 per year
  • Permanent
  • Full-time
  • 2 days ago
Our Mission:Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable. Overview:How you can make a differenceIn an era of escalating cyber threats, our organization is committed to fortifying its digital infrastructure through proactive cyber network defense strategies. As a Network Security Engineer, you will be at the forefront of protecting sensitive data and critical systems in high-stakes environments and highly regulated environments. Leveraging your deep expertise in Azure, Palo Alto, and Cisco technologies, you will design, implement, automate, and maintain cutting-edge security solutions that ensure the confidentiality, integrity, and availability of our network. This role demands a blend of technical prowess in cybersecurity domains—including threat intelligence, vulnerability management, and incident response—with a keen understanding of regulatory compliance to safeguard against sophisticated attacks and maintain operational resilience. In this role, you will be directly supporting our most critical platform security solutions. You will join a team of cyber engineers supporting these areas and be able to provide new insights, areas for automation, and key support for our critical infrastructure. Your passion and expertise as a Cyber Engineer is paramount in our quest to fortify our defenses. Your proactive contributions, especially in driving threat informed defense concepts, will help ensure our organizations cyber resiliency remains strong. Join us in the pursuit of a secure future for HealthEquity, where your skills will make a tangible difference in our defense against cyber threats.What you will do (Job Duties & Responsibilities)Design & Implementation of Network Security Solutions
  • Architect, implement, and maintain network security architectures, policies, and procedures using Palo Alto, Azure, and/or Cisco firewalls and Azure networking technologies, with a strong focus on cyber network defense principles such as zero trust and micro-segmentation.
  • Develop and maintain secure configurations, access controls, and routing protocols to defend against cyber intrusions.
  • Evaluate emerging security technologies, including Network Security Monitoring tools, to enhance cyber defense capabilities and overall security posture. (e.g., Zeek, Suricata, etc.)
Firewall & Traffic Management
  • Configure, monitor, and maintain Palo Alto, Azure, and/or Cisco firewalls, including rule sets, security policies, threat prevention profiles, and integration with cyber threat intelligence feeds.
  • Troubleshoot and resolve firewall-related security issues, applying cyber forensics techniques as needed.
  • Perform regular firewall audits, ensuring that our Palo Alto, Azure, and/or Cisco firewalls are operating a secure and highly available manner.
Network Infrastructure Protection
  • Monitor network traffic patterns using advanced analytics to detect, analyze, and mitigate cyber threats in real-time.
  • Implement and maintain IDS/IPS solutions, along with other cyber defense tools like Network Security Monitoring (NSM), for continuous threat detection and hunting.
  • Partner with cross-functional teams to integrate cyber security controls into all network devices, systems, and applications, ensuring alignment with defense-in-depth strategies.
Collaboration & Knowledge Sharing
  • Work closely with other Cyber Defense teams and partners to align network security and cyber defense strategies with organizational goals, particularly in regulated industries.
  • Mentor other cyber engineers and cyber analysts and share best practices in cyber network defense and related areas.
  • Stay ahead of industry trends, emerging cyber threats, evolving technologies in network security, Palo Alto, Azure, Cisco, and key cyber domains such as cryptography, malware analysis, and security operations.
What you will need to be successful (Skills, Knowledge, & Experience)
  • Technical degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent professional experience.
  • Palo Alto Networks Certified Network Security Engineer (PCNSE)
  • Cisco Certified Network Professional Security (CCNP Security)
  • Additional certifications such as CISSP, CEH, Azure Security Engineer Associate, AWS Certified Security – Specialty, or GIAC Certified Incident Handler (GCIH) are a plus.
  • Advanced knowledge and practical experience designing, testing, implementing, and operating Palo Alto and Cisco security solutions within regulated environments.
  • Strong knowledge of Cloud computing, specifically Azure networking and security.
  • In-depth knowledge of security frameworks (e.g., NIST CSF, ISO 27001, CIS Controls) and cyber defense methodologies, including MITRE ATT&CK framework, cyber kill chain, and diamond model of intrusion analysis.
  • Experience with network segmentation, zero trust architecture, secure VPN solutions, and cyber threat modeling.
  • Strong understanding of encryption protocols, PKI, TLS/SSL, IPsec, certificate management, and advanced cyber concepts like ransomware defense, supply chain security, and cloud-native security.
  • Advanced firewall policy design, rule optimization, traffic analysis, and integration of threat intelligence into cyber network defense strategies.
  • Strong understanding of TCP/IP, routing protocols (BGP, OSPF, EIGRP), VLANs, DNS, DHCP, and NAT.
  • Familiarity with intrusion detection/prevention systems (IDS/IPS), SIEM platforms, and cyber monitoring tools.
  • Experience with cloud-based security architectures (Azure required; AWS/GCP a plus), including hybrid and multi-cloud cyber defense setups.
  • Proven experience serving in health, finance, or FINTECH environments, with hands-on knowledge of relevant regulations such as HIPAA, PCI-DSS, SOX, GDPR, and FINRA requirements to ensure compliant cyber network defense.
  • Excellent troubleshooting and problem-solving skills in complex, hybrid cloud environments, with a cyber-focused mindset for rapid incident containment.
#LI-RemoteThis is a remote position. Salary Range: $96,500.00 To $145,000.00 / year Benefits & Perks:The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:
  • Medical, dental, and vision
  • HSA contribution and match
  • Dependent care FSA match
  • Uncapped paid time off
  • Paid parental leave
  • 401(k) match
  • Personal and healthcare financial literacy programs
  • Ongoing education & tuition assistance
  • Gym and fitness reimbursement
  • Wellness program incentives
Why work with HealthEquity :Why work with HealthEquityHealthEquity has a vision that by 2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click to learn more.You belong at HealthEquity!HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity – you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity’s applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our .HealthEquity uses Microsoft Copilot to transcribe screening interviews between candidates and their direct Talent Partner for note taking and interview summaries. By scheduling a screening interview with us, you consent to Microsoft Copilot’s AI technology recording and transcribing your interview with your Talent Partner. This information will be reviewed for accuracy and then used by HealthEquity to summarize the interview, ensure accuracy, and facilitate our hiring process. We take privacy seriously. You have the option to opt out. If you wish to opt out of this Microsoft Copilot transcription, please notify your Talent Partner in advance of the interview. If we do not receive an opt-out request from you, we will assume that you consent to the use of Microsoft Copilot.HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit .

HealthEquity