About the team:
The Information Technology team at Rubrik influences business processes, employee experience, and technologies to scale our organization to $1B+. This team creates operational efficiency across the company by centralizing the management of Infrastructure, Technology, and Data. The IT team ensures all stages of the software development lifecycle in a secured environment and scrutinizes the deployment of proper processes along with governance. They champion Rubrik on Rubrik and are the first customers of the Engineering teams at Rubrik.
Rubrik Corp IT is constructed of 100% SaaS and 0% on-premises. The IT team caters to accelerated enhancement of business value and multiple day-to-day business processes through our varied SaaS applications likeSalesforce.com, Oracle Netsuite, Workday, Snowflake, Etrade, jitterbit, Allocadia, etc. This team also delivers high-paced business outcomes with 100% system uptime backed by agile, nimble, simple, but cohesive Cloud architectures.
About the role:
We are seeking an experienced and hands-on Senior Cloud Network Engineer to design, implement, and operate resilient, secure, and scalable networking solutions across Rubrik’s hybrid multi-cloud environment (GCP, AWS, Azure, and OCI). This role includes responsibilities for FedRAMP-compliant network infrastructure supporting Rubrik’s federal and public sector cloud offerings.
As part of our Global Infrastructure & Platform Services organization, you will serve as a senior technical contributor for cloud networking, enabling seamless and secure service connectivity across global regions and cloud platforms — including isolated, compliance-boundary environments required for FedRAMP Moderate and High authorization.
This role combines strong hands-on technical depth with collaborative cross-functional execution. You will work closely with security, platform engineering, and application teams to improve how our services connect, scale, and operate.
What you’ll do:
- Design and implement cloud networking solutions across GCP, AWS, Azure, and OCI.
- Build and maintain hybrid multi-cloud connectivity, including VPC/VNet design, peering, transit gateways, interconnects, ExpressRoute, Direct Connect, and secure tunneling.
- Support and maintain FedRAMP authorization boundaries, including network segmentation, traffic isolation, and control documentation aligned with NIST SP 800-53.
- Contribute to a unified connectivity fabric supporting multi-tenant onboarding, service segmentation, traffic routing, and policy enforcement across clouds — including dedicated GovCloud or sovereign regions.
- Implement network observability (end-to-end traffic visibility, flow tracing, correlation ID propagation) to enable diagnostics and performance analysis.
- Apply network security controls including micro-segmentation, zero trust network access (ZTNA), identity-aware routing, firewall policies, and encryption in transit — mapped to FedRAMP and NIST 800-53 baselines.
- Support service-to-service communication, protocol translation, and traffic mediation across diverse environments.
- Partner with security, SRE, and developer teams to onboard services securely and efficiently to the networking fabric.
- Collaborate with the GRC and FedRAMP compliance team to support continuous monitoring, POA&M remediation, and ATO (Authority to Operate) maintenance.
- Apply automation-first principles using Infrastructure-as-Code (Terraform, Pulumi) and CI/CD pipelines.
- Follow and contribute to networking standards, best practices, and reusable templates for consistent, scalable, and secure deployments.
- Stay current on emerging networking technologies and contribute recommendations for improving Rubrik’s infrastructure.
Experience you’ll need:
- 5+ years of experience in network engineering, with hands-on experience in multi-cloud networking.
- Experience in managing Palo Alto Network VM Series firewalls, Palo Alto Prisma
- Experience with Arista and Cisco Network Devices
- Experience with EVPN-VxLan, Arista AVD, CVP, and GitOps workflows
- Solid understanding of cloud-native networking concepts across major CSPs: AWS (VPC, TGW, Direct Connect, GovCloud), GCP (VPC, Interconnect), Azure (VNet, ExpressRoute, Azure Government), OCI.
- Experience designing and operating hybrid/multi-cloud environments with high availability and low latency.
- Strong command of load balancing, DNS, NAT, TLS termination, L7 routing, HTTP/1.1–HTTP/3, and protocol translation.
- Experience architecting or supporting FedRAMP Moderate or High environments, including network boundary definition, segmentation, and NIST SP 800-53 control implementation.
- Experience with zero trust networking and modern network security design.
- Expertise in IaC tools such as Terraform, CloudFormation, or Pulumi.
- Strong scripting skills (Python, Bash, or similar) for automation.
- Experience with observability and telemetry tools (OpenTelemetry, FluentBit, Prometheus, Grafana, Datadog).
- Excellent communication and leadership skills; ability to collaborate and influence across engineering and infrastructure teams.
Preferred qualifications:
- Cloud networking certifications (e.g., AWS Advanced Networking, GCP Professional Cloud Network Engineer, Azure Network Engineer Associate).
- Familiarity with FedRAMP authorization processes, System Security Plans (SSPs), and continuous monitoring frameworks.
- Experience with service mesh technologies (e.g., Istio, Consul, Linkerd).
- Familiarity with HAProxy, NGINX, Envoy, or other L7 proxies/load balancers.
- Experience with compliance-driven or regulated environments, particularly FedRAMP, DoD IL2/IL4, or StateRAMP, is a strong plus.
Day 1 Expectations:
- Perform a deep-dive assessment of existing multi-cloud networking landscape and identify gaps and opportunities.
- Define a future-state architecture for unified, secure, and scalable cloud networking.
- Begin prototyping connectivity improvements, observability pipelines, and onboarding workflows.
Long-Term Ownership:
- Contribute to and execute cloud networking modernization efforts.
- Become a go-to technical resource for cloud networking systems, standards, and troubleshooting.
- Support the expansion and optimization of connectivity across Rubrik’s global infrastructure footprint.
- Help develop and maintain scalable design patterns to support future growth and product evolution.
Security and Privacy Responsibilities:
This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government’s interests:
- Know, acknowledge, and follow system-specific security policies and procedures;
- Protect data and individual privacy per requirements and regulations;
- Perform ongoing activities in compliance with service and contractual obligations;
- Participate in role-based training, completing assignments on a timely basis;
- Report security issues promptly, and aid investigation when needed;
- Support controlled changes and vulnerability remediation activities; and
- Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.
Position Risk Designation:
This position carries duties and responsibilities involving the U.S. Federal Government’s interests. The selected incumbent may be subject to one or both of the additional background checks with periodic re-screening as noted below:
Position Risk Designation: Non-Sensitive, Low Risk, Tier 1
Incumbents without access to U.S. Government data may be required to complete Standard Form 85 and undergo a Tier 1 Investigation (T1) for non-sensitive positions of Low Risk. (Baseline screening; formerly National Agency Check and Inquiries (NACI)).
Position Risk Designation: Non-Sensitive, Moderate Risk, Tier 2 (Public Trust)
Incumbents with access to U.S. Government data may be required to complete Standard Form 85P and undergo Tier 2 (T2) Investigation for non-sensitive positions designated Moderate Risk.
Position Risk Designation:Moderate Risk Law Enforcement (CJIS)
When hired for a position where access to Moderate Risk criminal justice information is required, the employee must complete a fingerprint-based national criminal history background check within 30 days after the employee’s start date.
Join Us in Securing and Accelerating the World's AI Transformation
Rubrik (RBRK), the Security and AI Operations Company, leads at the intersection of data protection, cyber resilience, and enterprise AI acceleration. Rubrik Security Cloud delivers complete cyber resilience by securing, monitoring, and recovering data, identities, and workloads across clouds. Rubrik Agent Cloud accelerates trusted AI agent deployments at scale by monitoring and auditing agentic actions, enforcing real-time guardrails, fine-tuning for accuracy and undoing agentic mistakes.
Linkedin | X (formerly Twitter) | Instagram | Rubrik.com
Inclusion @ Rubrik
At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world’s data.
Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential.
Our inclusion strategy focuses on three core areas of our business and culture:
- Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here.
- Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries.
- Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities.
Equal Opportunity Employer/Veterans/Disabled
Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact us at hr@rubrik.com if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
EEO IS THE LAW
NOTIFICATION OF EMPLOYEE RIGHTS UNDER FEDERAL LABOR LAWS