Staff Network Security Engineer

ABOUT FLUIDSTACK At Fluidstack, we build the compute, data centers, and power that will fuel artificial superintelligence. We work with Anthropic, Google, Meta, AMI Labs, and Black Forest Labs to deploy gigawatts of compute at industry defining speeds. We are investing tens of billions of dollars in US infrastructure. In 2026, we will deploy 1GW. In 2027, 10GW. Our team is small, fast, and obsessed with quality. We own outcomes end-to-end, challenge assumptions, and treat our customers' problems as our own. No task is beneath anyone here. There are a few thousand people who will shape the trajectory of superinteligence. Come and be one of them. ABOUT THE ROLE Fluidstack is looking for a seasoned Senior / Staff Network Security Engineer to spearhead our security strategy and defend our fast-growing cloud platform. You will design and deploy advanced safeguards concentrated on the network perimeter, ensuring our edge remains secure, resilient, and reliable at massive scale. Operating in a high-throughput environment, you’ll keep our infrastructure and services protected while earning trust across the organization. The ideal hire brings +5 years of deep expertise in modern cloud and network architectures—and a passion for cultivating a security-first culture through mentorship and leadership. Focus - Perimeter & Edge Security Design: Architect and deploy resilient protections at the network edge —including perimeter firewalls, proxy layers, WAFs, and CDN-based controls—to shield Fluidstack’s globally distributed footprint. Every ingress point and service should be hardened against unauthorized activity and attack vectors. - DDoS Resilience: Create and maintain sophisticated DDoS-defense programs that preserve uptime. Continuously analyze traffic, fine-tune safeguards such as rate-limiting and traffic filtering, and react decisively to volumetric spikes or atypical patterns. - Driving Zero-Trust: Lead the rollout of a Zero-Trust model across Fluidstack’s cloud and network domains. Engineer solutions that enforce least-privilege, continuous verification, and service micro-segmentation, eliminating implicit trust at every tier. - Monitoring & Incident Handling: Stand up comprehensive network-security monitoring to surface threats early. Detect indicators of compromise, hunt for vulnerabilities, and orchestrate rapid incident-response actions to limit blast radius. - Cross-Team Partnership: Collaborate closely with Networking, Infrastructure, SRE/DevOps, and Software Engineering to embed security best practices into designs, deployments, and pipelines. Offer expert input during architecture and code reviews to guarantee security-by-design. - Leadership & Mentoring: Champion security initiatives and cultivate a security-first culture. Coach junior engineers and peer teams on network-security fundamentals, deliver training, and model strict adherence to policies and standards. - Policy Stewardship: Author, refine, and enforce security policies and SOPs suited to a highly scalable, distributed environment. Periodically reassess network and cloud-security posture, ensuring alignment with industry benchmarks as the company scales. About You - Proven Experience: 5 + years in hands-on network-security engineering, protecting large-scale cloud or hyperscale environments and complex distributed systems. - Edge-Security Mastery: Deep expertise in edge-protection technologies - DDoS mitigation, web-exploit defense, and Zero-Trust implementations. - Cloud & Network Know-How: Strong conceptual and practical command of modern cloud and network security. Proficient in protocols (TCP/IP, DNS, BGP, HTTP/S), segmentation, VPNs, and firewall tuning; experienced securing AWS, GCP, Azure, or bespoke hyperscale and containerized platforms. - Security Leadership: Demonstrated ability to own security programs end-to-end, mentor engineers, and instill a security-centric mindset across varied teams. - Collaborative Communicator: Excellent at partnering with Networking, Infrastructure, DevOps/SRE, and Software groups to craft security solutions that protect critical assets while empowering the business. - Policy & Compliance Expertise: Skilled in crafting and evaluating security controls for massively scalable systems, and familiar with frameworks such as NIST, ISO 27001, and SOC 2 in cloud contexts. Nice to haves - Hyperscale Background: Experience inside a top-tier cloud provider or hyperscale setting (FAANG-class or similar) and familiarity with unique security challenges at extreme scale. - DDoS/WAF Toolset: Acquainted with enterprise-grade DDoS and web-application-security platforms - Cloudflare, AWS Shield, Akamai, Arbor, F5, etc. - and adept at tuning WAF rules and traffic-scrubbing tactics. - Zero-Trust & IAM: Hands-on design of Zero-Trust networks, including IAM, SSO, MFA, and NAC solutions. - Automation & Scripting: Comfortable scripting or coding (Python, Go, etc.) to automat