Experience more with a career at COUNTRY Financial!
We’re excited you’re interested in a career at COUNTRY as we strive toward our vision - to enrich lives in the communities we serve. Our footprint spans coast to coast. But more important than where we operate, is the people who do the work. Apply today to help our organization grow and make a difference for our clients.
About the role
Country Financial is seeking a self-driven Cloud Network Security Engineer to lead the operation and hardening of technologies such as ZTNA, cloud-native firewalls, microsegmentation, DDoS protection, and on-premise firewalls, including B2B integrations. This role will champion the implementation of security guardrails across cloud networking and SD-WAN/firewall environments, while progressively introducing platform-as-code practices.
You’ll drive real-world improvements in resilience, failover capabilities, and policy hygiene. Strong expertise in cloud networking and deep hands-on experience are essential for success in this role.
How does this role make an impact?
- Design, build, implement, and support COUNTRY’s IT solutions.- Ensure IT solutions meet requirements for security, availability, capacity, resiliency, and performance in a way that is efficient and supportable, reducing overall support costs.- Understand industry leading solutions and trends for assigned technologies and applying those as appropriate for COUNTRY.- Understand business needs and partnering with appropriate IT counterparts to recommend technology solutions.- Establish and maintain an IT multi-year strategy with a focus on continuous improvement. Create and maintain solutions architecture artifacts and other strategy and system documentation.
Do you have what we’re looking for?

Required Qualifications:

• Typically requires 10+ years of relevant experience or a combination of related experience, education and training.
• Real‑world, best‑practice configuration experience with multiple of the following: ZTNA, cloud-native firewalls, microsegmentation, DDoS protection, and on-premise firewalls, including B2B integrations.
• Deep networking expertise: IPv4/IPv6, BGP/OSPF, IPsec, TLS/PKI, DNS, NAT, routing/UDR, HA patterns, and troubleshooting across layers 3–7.
• Proven troubleshooting: packet capture/analysis, SSL/TLS inspection issues, name resolution, routing/overlapping CIDR, identity/policy evaluation.
• Self‑starter with a track record of driving improvements without a formal mandate; can influence cross‑functionally and land pragmatic guardrails.
• Working automation skills: PowerShell or Python and familiarity with Terraform/Bicep and Git workflows (ability to build small, safe automations beyond theoretical knowledge)
• Clear, concise communication. Transparent change planning and status reporting; translates risk into actionable, well‑architected designs.

Preferred Qualifications:

• Extensive automation experience (Terraform providers, APIs, policies or platform as code) at scale.
• ZTNA automation, posture controls, forwarding methods (PAC/GRE/IPsec), and SSL inspection best practices.
• In-depth micro segmentation experience (labels and app‑centric policy design; blast‑radius control).
• Extensive experience with cloud security services and guardrails
• Experience introducing IaC in a maturing environment (incremental rollout, drift detection, config backup/diff, code owners, promotion between environments).
• Relevant certifications

Please refer the Job description for details