Title: Cloud Network & Security Engineer Location: Newport Beach, CA Job Description: Position Summary: MedReview is looking for a skilled Cloud Network & Security Engineer to join our team and play a key role in designing, optimizing, and securing our cloud infrastructure. This position is critical to ensuring scalability, performance, and compliance across our environment. This position is based in our Newport Beach, CA office Monday through Thursday, with Fridays remote. The salary range for this role is $140,000-150,000 depending upon experience Responsibilities: - Design and implement scalable cloud network solutions - Manage and deploy end-to-end cloud infrastructure (multi-tenancy, virtualization, orchestration) - Leverage automation tools like Python and Ansible to improve efficiency - Monitor network performance, troubleshoot issues, and ensure high availability - Implement and maintain security protocols to protect sensitive data (PI/PHI) - Manage firewalls, access controls, and network configurations - Collaborate cross-functionally with DevOps developers, and IT teams - Maintain documentation for network configurations and policies Required Skills: - 4-7 years of experience in networking engineering with a strong focus on cloud environments - Hands-on experience with Azure (AWS or GCP also considered) - Strong knowledge of networking protocols (BGP, OSPF, EIGRP, VLAN, STP) - Experience with security and monitoring tools (e.g., Splunk, SolarWinds, Zabbix, CrowdStrike) - Familiarity with HIPPA, HITRUST, or other compliance frameworks - Experience with firewalls (Palo Alto, Fortinet) and load balancers - Scripting/automation experience (Python, Ansible, PowerShell) - Strong troubleshooting and problem-solving skills - Relevant certifications (CCNP, Azure/AWS/GCP) are a plus

• Secure and manage RKD's Microsoft 365 environments • Collaborate with IT team to develop and implement security policies • Monitor and respond to security incidents and threats • Document security configurations and procedures • Manage and administer Microsoft 365 services including Microsoft Defender and Intune

• use your entrepreneurial skills and team mindset to come up with data-driven solutions • build and lead an agile team to deliver the advanced technology that drives the future • create a culture of trust, encourage diversity of thought and foster leadership in others • be part of the historic transformation of the automotive industry. • Collaborate with Software Product and Infrastructure and Operations leaders to shape a future-focused architectural approach for the LLC. • Aid in the selection of software solutions for the LLC that align with the architecture strategy. • Partner with a manufacturing service provider to establish an integration architecture that addresses the security and operational goals of the corporation. • Develop and implement the company's technology architecture and security strategy in line with business objectives. • Oversee all aspects of information security, including risk management, compliance, and incident response. • Collaborate with other departments to identify and prioritize technology needs and solutions. • Develop and maintain the architecture and security standards, policies, and procedures. • Stay up to date with emerging technologies and trends in information security. • Lead and mentor the architecture and information security team, fostering a culture of innovation, collaboration, and continuous improvement. • Ensure compliance with data protection and privacy regulations. • Develop and maintain disaster recovery and business continuity plans.

• Designing and building multi-agent LLM systems and routing logic that automate threat modeling, security design review, policy Q&A, and vulnerability analysis at scale • Developing retrieval-augmented generation (RAG) pipelines and semantic search systems across large code and documentation repositories • Creating automated code review capabilities that help identify insecure patterns and improve software quality earlier in the development lifecycle • Designing integrations with tools such as GitHub, Slack, Jira, Confluence, and cloud platforms to embed security guidance into everyday engineering workflows • Developing REST APIs and platform services with authentication, authorization, rate limiting, observability, and secure handling of sensitive data • Designing and maintaining scalable data processing pipelines for large codebases and document repositories, including extraction, indexing, stream processing, batch jobs, and parallel execution • Improving AI application security through controls such as prompt injection prevention, sensitive data filtering, supply chain security, and secure handling of model inputs and outputs • Enhancing NerdWallet's secure software development lifecycle (SSDLC) through automation, tooling, and developer-friendly security practices • Partnering with engineering teams to prioritize and remediate application and infrastructure security risks • Supporting incident response and on-call needs by contributing security engineering expertise, tooling, automation, and analysis when security issues arise • Identifying new opportunities for automation and AI augmentation across the security team, bringing fresh eyes and independent thinking to a growing backlog of high-impact work • Serve as technical lead on high-priority initiatives, taking ownership of technically complex work and collaborating across teams to deliver practical, measurable security outcomes • Help shape how AI and automation are securely adopted across NerdWallet's engineering ecosystem • Build tools and platforms that make security more accessible, scalable, and actionable for development teams • Improve the speed and quality of security reviews through thoughtful automation and security-first design • Strengthen customer trust by helping protect NerdWallet's products, systems, and sensitive data • Serve as an internal subject matter expert on AI and automation, advising on appropriate use cases, limitations, and risks to both technical and non-technical stakeholders.