Platform Security Engineer 2

Independently implement and maintain vDefend distributed firewall policies and NSX micro-segmentation rules for moderate-complexity environments.

Administer Identity Broker integrations, federation trusts, and access policy mappings across platform services.

Enforce platform security baselines and hardening standards for VCF management and workload domains.

Conduct recurring security configuration reviews and partner with engineering teams on remediation planning.

Assist in developing reusable policy standards, segmentation templates, and security implementation patterns.

Support integration of platform security controls with VCF tools such as Aria Operations, Automation, and logging/monitoring workflows.

Contribute to compliance guardrails by mapping platform configurations to CIS, NIST, and internal control requirements.

Participate in root cause analysis for security incidents and recurring control failures.

Provide operational guidance to Platform Security Engineer I staff and peer teams.

Schedule & Presence: This on-site role supports 24/7 operations through real-time collaboration, standard shifts occur within a 6:00 AM - 6:00 PM window, Monday through Friday. Additionally, this position requires scheduled on-call flexibility and the ability to remain reasonably reachable during off-hours for critical business continuity.

Hands-on experience with VMware NSX and/or vDefend in production.

Exposure to Azure, AWS, or hybrid cloud security concepts such as shared responsibility, cloud IAM, and security baselines.

Familiarity with VCF lifecycle, SDDC Manager, Aria Operations, Aria Automation, or related platform tooling.

Experience with policy-as-code or configuration-as-code tools such as OPA, Sentinel, Terraform, or Ansible.

Security+, VMware VCP, SC-900, AZ-500, or equivalent certifications.

Required Qualifications

Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field; or equivalent practical experience.

Minimum 3 years of experience in infrastructure security, systems security, network security, or virtualization engineering.

Experience with firewall rule administration, segmentation, and IAM in enterprise environments.

Working knowledge of VMware vSphere and experience with at least one of the following: NSX, vDefend, SSO/federation, or policy enforcement platforms.

Working knowledge of compliance frameworks such as CIS and NIST.

Experience with scripting, automation, or configuration validation., If you are required to drive for us, we require a valid driver's license and compliance with our vehicle policy.

At HDR, our employee-owners are fully engaged in creating a welcoming environment where each of us is valued and respected, a place where everyone is empowered to bring their authentic selves and novel ideas to work every day. As we foster a culture of inclusion throughout our company and within our communities, we constantly ask ourselves: What is our impact on the world? Watch Our Story:' https://www.hdrinc.com/our-story' Each and every role throughout our organization makes a difference in our ability to change the world for the better. Read further to learn how you could help make great things possible not only in your community, but around the world., HDR is our company. Together, we build on each other's life experiences and perspectives to make great things possible every day. This shapes our collaborative culture, encourages organizational trust and connects us closer to the clients and communities we serve. Our Commitment As employee owners, we all have a role in creating an inclusive environment where each of us is welcomed, valued, respected and empowered to bring our authentic selves to work every day. Our eight Employee Network Groups (Asian Pacific, Black, Hispanic/Latino(a), LGBTQ+, People with Disabilities, Veterans, Women, Young Professionals) help create a sense of belonging and foster a supportive environment where everyone is empowered to engage and contribute. Each group has an executive sponsor and is open to all employees.We provide a comprehensive benefits package that promotes employee ownership, employee health, performance, and success, which includes medical, dental, vision, short and long-term disability, life insurance, an employee assistance program, paid time away, parental leave, paid holidays, a retirement savings plan with employer match, employee referral bonus and tuition reimbursement. The expected compensation range for this position depends upon skills, experience, education and geographical location. (Stated benefits are for full-time regular positions. Temporary and part-time roles eligible for limited benefits.) Folsom, CA; Denver, CO; Englewood, CO: $79,541 - $113,630 Minneapolis, MN; St. Paul, MN: $75,926 - $108,465 Pennington, NJ: $83,157 - $118,795 Woodcliff Lake, NJ: $90,388 - $129,125 Olympia, WA: $72,310 - $103,300