Define and maintain PPL's network security requirements, standards, and baselines for cloud, on-premises, and remote-access environments - including Fortinet firewall configuration baselines, Azure and AWS network security baselines, segmentation standards, and secure remote-access requirements.
Review and validate network architecture and design changes from a security perspective - providing requirements, recommendations, and sign-off as appropriate before changes are implemented by Infrastructure or Cloud Engineering.
Drive PPL's zero-trust networking strategy across cloud, physical, and remote-workforce environments - establishing the security model, segmentation principles, and identity-aware access requirements that Infrastructure and Cloud Engineering execute against.
Evaluate, recommend, and provide security requirements for new network security technologies (SASE/SSE platforms, NDR, DNS security, etc.) that improve visibility, reduce risk, and support automation across the enterprise.
Define network-layer and zero-trust controls for enterprise AI service traffic - including egress policies, conditional access, and data-leakage protections for approved AI assistants (e.g., Microsoft Copilot, Claude) to enable responsible AI use while protecting PHI and proprietary data.
Collaborate with DevOps and Cloud Engineering teams to embed network security controls into infrastructure-as-code, CI/CD pipelines, and automated deployment patterns - ensuring network security is enforced consistently and at the speed of delivery.
Partner with Application Development teams on secure application network design - reviewing API exposure, service-to-service communication, ingress/egress requirements, and third-party integration patterns to ensure new and existing applications align with PPL's network security standards.
Network Threat Detection & Incident Response
Conduct security reviews and assessments of PPL's network environment - including Fortinet firewall and wireless infrastructure (e.g., FortiGate, FortiAnalyzer), Azure network controls (NSGs, Azure Firewall, Application Gateway/WAF, private endpoints, E
Benefits
Health insuranceRemote work options
Additional Information
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
Public Partnerships LLC (PPL) provides helps people with disabilities, chronic illnesses, or other long-term health conditions stay at home and "self-direct" their care. Known as consumer direction in New York, this long-term care model empowers people to take control of who provides their services and where. PPL was selected to be the Statewide Fiscal Intermediary for the New York Consumer Directed Personal Assistance Program (CDPAP) starting in 2025. We will, along with a diverse alliance of service partners across the state, support the delivery of culturally sensitive and disability competent care to CDPAP participants. We are looking for people who share our passion for helping New Yorkers live happy, healthy, and independent lives to support CDPAP consumers and their personal assistants across a broad spectrum of services and functions.
Our culture attracts and rewards people who are compassionate, results-oriented, and driven to exceed customer expectations. We desire motivated candidates who are excited to join our fast-paced, consumer-focused environment, and who want to make a difference in helping transform the lives of the people we serve.
Learn more about PPL and CDPAP at https://pplfirst.com/cdpap
Job Summary
The Senior Network Security Engineer is a hands-on technical security leader responsible for ensuring that PPL's network environment - including its cloud-primary infrastructure in Microsoft Azure, secondary presence in AWS, Fortinet-protected physical locations, and remote-first workforce - is designed, configured, and operated in alignment with PPL's security requirements, standards, and regulatory obligations. Reporting to the Director of Cybersecurity Operations, this role defines network security requirements, reviews and validates network architecture and controls, performs security assessments and audits, and partners closely with the Infrastructure team's Sr. Network Engineer, who owns administration of PPL's network and network security devices. The role serves as the Information Security team's subject matter expert on network security - driving zero-trust strategy, supporting incident response, evidencing compliance, and protecting the confidentiality and integrity of Medicare and Medicaid protected health information (PHI).
Publicpartnerships · Remote