About the group:
Cognizant’s Cloud, Infrastructure, and Security Services Practice (CIS), is all about accepting digital transformation by driving core modernization holistically across layers. We help customers transform infrastructure and workplace to meet the constantly evolving needs of the digital era. Our broad approach delivers key results for our customers by achieving cloud driven modernization and workplace and operational transformation to own the business in a secure environment.
*Please note, this role is not able to offer visa transfer or sponsorship now or in the future*
Role: AWS Network & Security Engineer
Location: Toronto, ON
Mandatory skills: AWS - AWS networking: VPC, Transit Gateway, Direct Connect, VPN, Route 53, PrivateLink, Global Accelerator. TCP/IP, routing, DNS, BGP, firewalls, TLS/SSL. Palo Alto, Checkpoint, F5, CrowdStrike, Splunk
Role Summary
We are looking for a senior AWS Networking & Security Engineer to lead the greenfield setup of the client's AWS landing zone. The engineer will be responsible for designing and implementing the network architecture, connectivity, and security controls from the ground up, ensuring the foundation is scalable, compliant and aligned with AWS Well-Architected best practices.
Key Responsibilities
- Design and implement the AWS landing zone, multi-account structure using AWS Organizations, Control Tower and SCPs.
- Architect VPC design including subnetting, routing, IPAM, Transit Gateway, VPC peering, PrivateLink and VPC endpoints.
- Set up hybrid connectivity using Direct Connect, Site-to-Site VPN and Route 53 (public/private hosted zones, resolver endpoints).
- Configure and manage AWS network security services: Security Groups, NACLs, AWS Network Firewall, AWS WAF, Shield, GuardDuty and Firewall Manager.
- Implement identity and access management using IAM, IAM Identity Center (SSO), permission boundaries and least-privilege policies.
- Set up data protection controls: KMS, Secrets Manager, ACM, S3 bucket policies and encryption at rest / in transit.
- Configure logging, monitoring and threat detection using CloudTrail, Config, CloudWatch, VPC Flow Logs, Security Hub, Macie and Inspector.
- Build and maintain infrastructure as code using Terraform / CloudFormation and CI/CD pipelines for network and security deployments.
- Define and document network and security standards, runbooks and reference architectures for the client.
- Work with client architects and application teams to onboard workloads securely into the landing zone.
Must-Have Skills
- Strong hands-on experience with AWS networking: VPC, Transit Gateway, Direct Connect, VPN, Route 53, PrivateLink, Global Accelerator.
- Strong hands-on experience with AWS security services: IAM, KMS, GuardDuty, Security Hub, WAF, Shield, Network Firewall, Config, CloudTrail, Macie, Inspector.
- Experience setting up AWS landing zones using Control Tower / AWS Organizations.
- Solid understanding of TCP/IP, routing, DNS, BGP, firewalls, TLS/SSL and zero-trust principles.
- Infrastructure as Code (Terraform mandatory; CloudFormation a plus).
- Experience with 3rd party network and security tools (Palo Alto, Checkpoint, F5, CrowdStrike, Splunk) integrated with AWS.
- Strong scripting skills (Python / Bash / PowerShell).
Good-to-Have
- AWS certifications: Advanced Networking - Specialty and / or Security - Specialty.
- Experience in BFSI / Insurance domain.
- Exposure to compliance frameworks (PCI-DSS, SOC2, NIST, ISO 27001).
- Multi-cloud (Azure / GCP) and on-prem networking background.
Soft Skills
- Strong client-facing communication, able to run design workshops with client architects.
- Ability to work independently in a greenfield setup with minimal supervision.
Compensation: We are offering between $114,000 – $130,000. Applications will be accepted until June 22, 2026.Cognizant will only consider applicants for this position who are legally authorized to work in Canada without requiring employer sponsorship, now or at any time in the future.
This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
· Medical/Dental/Vision/Life Insurance
· Paid holidays plus Paid Time Off
· 401(k) plan and contributions
· Long-term/Short-term Disability
· Paid Parental Leave
· Employee Stock Purchase Plan
Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
*Please note, this role is not able to offer visa transfer or sponsorship now or in the future*
关于高知特 (Cognizant)
高知特(Cognizant)(纳斯达克代码:CTSH)作为一家AI Builder和相关技术服务提供商,致力于通过打造全栈AI解决方案,帮助企业将人工智能投资转化为实际价值。公司凭借深厚的行业经验、流程优化和工程技术专长,将企业独特的业务场景融入科技系统,赋能组织释放人才潜能,推动切实成果,并帮助全球企业在瞬息万变的环境中保持领先。如需了解更多详情,敬请访问 cognizant.ai 或关注@cognizant。
补充雇佣信息
薪酬信息截至本职位发布之日为准。Cognizant 保留在适用法律允许的范围内随时修改该信息的权利。
申请人可能需要通过现场面试或视频会议的方式参加面试。此外,候选人在每次面试时可能需要出示其当前所在州或政府签发的有效身份证件。
Cognizant 是一家提供平等就业机会的雇主。在招聘过程中,您的申请和候选资格不会因种族、肤色、性别、宗教、信仰、性取向、性别认同、国籍、残疾、遗传信息、怀孕、退伍军人身份或任何其他受联邦、州或地方法律保护的特征而受到影响。
