Search
Header navigation
Director, Cloud Network and Security Engineer

Director, Cloud Network and Security Engineer

Fidelity Investments
locationWestlake, TX, USA
PublishedPublished: 6/3/2025
Full Time

Job Description:

Director, Cloud Network and Security Engineer (Individual Contributor)

The Role:

We are seeking a seasoned individual contributor with deep AWS networking expertise to join Fidelity’s Cloud Network team as a subject matter expert. The position will be part of the Cloud Network team within the Fidelity Architecture and Engineering (FAE) organization. We are responsible for the network design, implementation, and operation of the virtual network constructs offered by our cloud service providers (CSPs). Candidates should have a deep understanding of AWS networking technologies with hands-on, real-world, and demonstrable experience managing significant AWS deployments. This role offers the opportunity to shape Fidelity’s cloud networking strategy and influence the evolution of our multi-cloud infrastructure. The position will be based in Westlake, TX or Merrimack, NH. In this role you will be:

  • Designing and implementing scalable, secure, and cost-effective network solutions to support over 4,000 VPCs in AWS and hundreds of VNETs in Azure
  • Developing cloud-native network designs aligned with business and application requirements
  • Implementing advanced network security controls to ensure compliance with internal policies and industry standards
  • Evaluating and recommending cost-efficient services and architectures, while continuously optimizing existing cloud spend
  • Tuning network performance for speed, reliability, and scalability across multi-cloud environments
  • Defining requirements for network APIs to enable self-service capabilities at both the network and security layers
  • Diagnosing and resolving complex network issues within cloud environments and across hybrid infrastructures
  • Providing Tier 3 operational support and participating in the on-call rotation for critical network incidents
  • Mentoring and guiding network engineers on modern cloud networking principles and best practices

The Skills and Expertise You Bring

  • Deep expertise in AWS cloud networking, including large-scale VPC design, peering, Transit Gateway, and hybrid connectivity
  • Proficiency in infrastructure as code, particularly with AWS CloudFormation for moderately complex templates
  • Proficiency in Python, with experience using Boto3 for network automation and orchestration
  • Solid understanding of IP routing protocols, firewalls, load balancers, proxies, and DNS in cloud and hybrid environments
  • Experience configuring and optimizing proxy servers such as Squid and HAProxy
  • A security-first mindset, with experience implementing network security controls and ensuring compliance with enterprise policies
  • Proven ability to analyze and resolve complex issues using tools like Splunk, DataDog, and native cloud logging/monitoring services
  • Strong communication skills, with the ability to convey technical concepts to both technical and non-technical stakeholders
  • 10+ years of experience in IT infrastructure, security, and architecture, with a focus on cloud-native environments
  • Ability to influence cloud networking strategy and contribute to long-term architectural decisions

The Team
Fidelity’s Architecture and Engineering’s (FAE) mission is to enable Fidelity application development to go faster. Modern computing paradigms, cloud computing and open-source software offer tremendous potential to accelerate development and drive down costs. You will leverage your expertise in cloud networking and security to ensure the stability, scalability, and efficiency of our CSP networks. Your contributions will be pivotal in maintaining a robust network infrastructure, enabling other teams to develop applications faster and more securely.

Certifications:

Category:

Information Technology

Fidelity’s hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite every other week (all business days, M-F) in a Fidelity office.

Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.