Start Date: Interview Types
Skills Amazon VPC design an.. Visa Types Green Card, US Citiz..
Location: 100% remote
Duration 1 year
KEY:
Senior AWS Network Engineers to execute a large-scale redesign and segmentation of CS Disco's AWS network. Resources will not architect but will execute under a Staff Engineer / Architect, focusing on VPC design, segmentation, ingress/egress controls, security hardening, and operational networking work to reduce SOX/security risk and improve platform reliability.
Job Description:
Senior AWS Network Engineer
Role Summary
CS Disco is seeking
Senior AWS Network Engineers to execute a large-scale redesign and segmentation of its AWS networking environment as the company transitions from a startup-era platform to an enterprise-grade, SOX-compliant operating model. This role is execution-focused-not architectural-working under a Staff Engineer / Architect to implement VPC redesigns, segmentation strategies, ingress/egress controls, and security hardening. The work directly reduces board-level security risk while improving platform reliability and developer experience.
Applicable Job Titles
- Senior Network Engineer
- Senior AWS Network Engineer
- Network Engineer
- Network Architect
- Lead Network Engineer
- Network Administrator
Top Critical Skills & Experience (What Success Requires)
- Deep AWS Networking Execution Experience (7+ years)
Proven hands-on experience building and modifying VPCs, subnets, routing, gateways, and security constructs at scale-no ramp-up required.
- Network Segmentation & Security Controls (7+ years)
Demonstrated ability to isolate environments, control east/west and north/south traffic flows, and reduce overly permissive communication patterns in regulated environments.
- Operational Execution & Reliability Focus (7+ years)
Strong operational mindset with experience creating runbooks, handling remediation, and executing day-to-day networking work while parallelizing large initiatives.
- Enterprise Security & Compliance Awareness
Experience supporting SOX-driven or audit-driven environments, understanding how networking decisions impact risk posture and governance.
- Execution Under Architectural Direction
Comfortable executing defined designs under a Staff Engineer / Architect without owning end-state architecture.
Required Skills, Tools, Technologies & Services
AWS Networking
- Amazon VPC design and restructuring
- Subnets, route tables, IGW/NAT Gateways
- Ingress and egress traffic controls
- Environment isolation and traffic segmentation
Network Segmentation & Security
- Traffic isolation strategies
- Reduction of hair-pinning and overly permissive access
- Security hardening aligned with compliance expectations
- Support for audit and board-visible risk reduction
Operational Execution
- Ongoing AWS networking operations
- Runbook creation and maintenance
- Incident remediation and reliability improvements
- Parallel execution of networking initiatives to unblock platform teams
Collaboration & Delivery
- Work closely with Staff Engineer / Architect
- Enable developers by abstracting networking complexity
- Execute changes without disrupting business operations
Nice-to-Have / Secondary Skills
- Experience in high-growth SaaS or startup-to-enterprise transitions
- Exposure to large-scale AWS environments with multiple teams
- Familiarity with governance, audit, or security review processes
Business Context & Impact
- CS Disco is moving from startup speed to enterprise governance
- Current AWS networking architecture presents high SOX and security risk
- Board-level urgency to improve security posture and platform reliability
- Internal teams are capacity-constrained and need senior execution support
- Goal is a mature platform where developers do not need to understand networking
Employee Value Proposition (EVP)
- High-impact AWS network redesign with board-level visibility
- Greenfield enterprise security hardening work
- Solve real AWS-at-scale networking problems
- Clear architectural leadership and direction
- Not a maintenance-only role-focused on meaningful, lasting change
Location & Workplace
- Workplace Type: 100% Remote