Location: Cleveland, OH
Salary: Not specified
Type: Full-time
Posted: Today
Job Description
Kurv is executing a fundamental digital transformation, moving from legacy monolithic systems to a resilient, cloud-native enterprise leveraging AWS and Databricks.
We are seeking a Senior Infrastructure \& Security Engineer to join our team as a full-time, permanent stakeholder. This role is for a long-term owner who will bridge the gap between our robust on-premise networking foundation and our future cloud state. Your primary responsibilities include the expert operational management of our newly established SQL Server High-Availability (HA) Cluster, the maintenance of our Cisco and Palo Alto networking core, and the ongoing build-out of our AWS Landing Zone.
Key Responsibilities
1\. Networking \& Hybrid Connectivity (Physical \& Cloud)
- Core Network Management: Maintain and optimize the existing physical network stack, including Cisco, Palo Alto, and Brocade networking equipment.
- Perimeter Security: Manage Palo Alto firewalls, ensuring all inter-VLAN and inter-company traffic is scanned and secured.
- Connectivity Resilience: Oversee internet circuits and connectivity for the organization.
- Hybrid Integration: Implement and govern AWS Transit Gateway and Direct Connect (or IPsec VPN tunnels) to ensure seamless, secure communication across our hybrid environment.
2\. SQL HA Cluster Operations (Mission Critical)
- Operational Ownership: Serve as the primary owner for the newly created SQL Server HA environment, managing Windows Failover Clustering and Always On/Basic Availability Groups.
- Performance Optimization: Maintain a working understanding of performance characteristics within a high-utilization SQL Server environment, including memory configuration, tempDB structure, and index health, to support troubleshooting and prevent resource saturation.
- Licensing \& RPO: Manage SQL Server licenses with Software Assurance (SA) and conduct regular failover drills to guarantee zero data loss (Zero RPO) for our payments business.
3\. Cloud Architecture
- Infrastructure as Code (IaC): Maintain and expand our "Zero-Touch" production environment using Terraform to manage all AWS and Databricks resources.
- Landing Zone Governance: Govern the AWS Organization through Control Tower and Service Control Policies (SCPs) to ensure multi-account security.
- FinOps: Monitor real-time cloud spend; enforce mandatory tagging for departmental showback and manage auto-shutdown scripts for non-prod environments.
4\. Security, Identity \& PCI Compliance
- PCI-DSS 4\.0 Compliance: Lead the technical maintenance of strict network segmentation and isolation for PCI-scoped systems.
- Identity-Based Perimeter: Maintain AWS IAM Identity Center and Databricks Unity Catalog to enforce granular, identity-based access.
- Threat Management: Drive remediation of security findings (e.g., XSS, NTLMv2) and monitor real-time events via Splunk and AWS Security Hub.
5\. Backup \& Recovery Architecture (Enterprise Resilience)
- Air-Gapped Data Protection: Maintain and manage enterprise backup operations using Veeam, ensuring secure, immutable backups within an air-gapped architecture to protect against ransomware and catastrophic data loss.
- Recovery Assurance: Validate backup integrity through routine restore testing and verification procedures to support business continuity, disaster recovery objectives, and regulatory compliance requirements.
- Operational Governance: Monitor backup job health, retention policies, and storage lifecycle management to ensure consistent protection across on-premise and hybrid workloads.
Required Qualifications
- 7\+ years of enterprise experience in infrastructure, networking, and security.
- Networking Mastery: Advanced hands-on experience with Cisco switching/routing and Palo Alto firewall administration.
- SQL Clustering Expertise: Proven experience managing multi-node production SQL Server clusters (HA/DR).
- AWS \& IaC: Hands-on experience with AWS core services and Terraform for multi-account environments.
- Practical PCI Experience: Proven track record of supporting and passing audits in PCI-compliant environments.
- Hybrid Systems Knowledge: Strong background in VMware vSphere and Windows Server (AD/GPO).
Valuable Certifications
The following certifications are highly desired for this permanent role:
- Networking \& Security:
  - CCNP (Routing and Switching) or PCNSE (Palo Alto Networks Certified Network Security Engineer)
  - PCI Professional (PCIP) or Internal Security Assessor (ISA)
  - CISSP or CISM
- Cloud \& DevOps:
  - AWS Certified Solutions Architect – Associate (SAA-C03)
  - HashiCorp Certified: Terraform Associate
  - AWS Certified Security – Specialty
  - FinOps Certified Practitioner (FCP)
What We’re Looking For
- A Full-Time Stakeholder: Someone who wants to take long-term pride in Kurv’s stability.
- The "Bridge" Engineer: Someone comfortable configuring a physical Cisco switch one hour and writing Terraform for an AWS Transit Gateway the next.
- Knowledge Capture: A willingness to collaborate with subject matter experts to translate deep institutional and technical knowledge into automated, scalable cloud patterns.