Role Description:
The Network Security Architect will be responsible for designing, implementing, and managing the organization's network security infrastructure to ensure the confidentiality, integrity, and availability of enterprise data and systems. You will work closely with other architects, IT teams, and security engineers to align network security solutions with business goals and industry best practices.
Responsibilities:
Architect and implement secure network infrastructure, including segmentation, firewalls, VPNs, intrusion detection systems (IDS), and intrusion prevention systems (IPS).
Lead the design and deployment of Zero Trust security frameworks to enhance network defenses and control access.
Develop and implement secure network architectures for hybrid and multi-cloud environments (AWS, Azure, GCP).
Oversee configuration and management of firewalls, routers, proxies, and load balancers to enforce security policies and protect the network perimeter.
Design network segmentation to mitigate risk and ensure secure access controls across different layers of the enterprise network.
Design and manage VPNs and other remote access solutions to ensure secure communications for remote users.
Collaborate with the SOC team to implement effective monitoring, detection, and incident response mechanisms for network security events.
Conduct regular network security risk assessments, identify vulnerabilities, and recommend mitigation strategies.
Work closely with IT and DevOps teams to integrate security into networking and infrastructure projects.
Ensure that network security architectures adhere to industry regulations and standards (e.g., PCI-DSS, NIST, GDPR).
Evaluate new technologies, tools, and services that can improve network security, scalability, and performance.
Maintain accurate and up-to-date documentation of network security architectures, policies, and procedures.
Provide guidance and mentorship to junior security engineers and network administrators.
Qualifications:
Education: A degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or a similar area of study (a Master's degree is an added advantage).
Experience: Minimum of 5-8 years of experience in network security or related fields, with at least 3 years in an architect or senior-level role.
Deep understanding of network security principles, protocols, and standards (e.g., TCP/IP, DNS, BGP, SSL/TLS, VPNs).
Hands-on experience with firewall configuration, IPS/IDS, VPNs, and network access control (NAC) systems.
Expertise in deploying and managing secure network architectures in cloud environments (AWS, Azure, GCP).
Experience with Zero Trust Architecture principles and implementation.
Strong knowledge of encryption techniques, VPN technologies, and secure remote access solutions.
Familiarity with security tools like SIEM, firewalls (e.g., Palo Alto, Cisco ASA, Fortinet), and network monitoring tools.
Experience with network segmentation and micro-segmentation techniques.
Understanding of DevSecOps principles and their application to network security.
Certifications (Preferred)
CCNP Security, CISSP or CISM
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Cisco Certified Network Security Architect (CCNA/CCNP Security)
Cloud certifications (e.g. AWS Certified Solutions Architect, Azure Security Engineer)