Job Overview
To design and implement network and security infrastructures in Data Centre, On-Prem,
Campus, and Public Cloud environments, with an emphasis on Azure cloud. The candidate will
have experience in technical solution proposals, designing, implementing, integrating, and
migrating Network Security solutions. As an Architect/Technical Lead, the candidate will be
responsible for leading technical solution proposal workshops, eGort estimation for projects,
vendor engagements, BoQ preparation, client interactions, supervising network and security
deployment configurations, and maintaining infrastructures.
Key Accountabilities
Responsibilities
- Design and Implement various Data center networking technologies including data
center fabric (Spine & Leaf topology with Cisco ACI, Juniper Apstra) and SDN (such
as VMware NSX-T).
- Design and Implement Core and Perimeter firewalls for diLerent technology
providers, such as Cisco, Palo-Alto, Fortinet and Juniper, in on-prem and Public
Cloud environments (mainly Azure cloud)
- Design and Implement the Network and Security environment on the Public Clouds,
with main focus on Azure cloud, including the Landing-Zone and related Network-
Security components (native cloud and 3rd parties services) as per the design.
- Migration of on-prem infrastructure to public/private cloud environment, and
between On-Prem locations
- Design, implement connectivity including Azure ExpressRoute, Virtual WAN, and
VPN connections for Azure hybrid cloud environments
- Conduct regular security assessments and vulnerability scans of Azure resources,
and ensure alignment Azure Well Architected framework
- Design and Implement Azure Security Center, Azure Sentinel, and other security
monitoring tools
- Develop and maintain disaster recovery and business continuity plans for Azurebased
systems
- Stay up to date with the latest Azure networking and security features and best
practices
- Design & Implement Email Security solution
- Design and Implement VPN solution
- Design and Implement of Identity and Access management solution
- Design and Implement IPT and Collaboration environment
- Design and Implement Wireless networks
- Develop and maintain High level Design (HLD) and low-level designs (LLD)
documents, Network-Security diagrams, Network-Security installation
configuration & guides, support procedures, test plans and runbook
- Prepare the required Rack diagrams, cabling, power and capacity requirements,
work closely with the Passive infrastructure teams to ensure cabling, power,
capacity are met and as required for Data Center hosting.
- Work closely with 3rd party technology providers when required.
- Conduct user acceptance testing and fully support the implementation team to
troubleshoot any issues during the implementation phase
- Plan and execute the Operation Readiness process, and Handover to end user
- Due-diligence exercises and information gathering for client’s network-security
infrastructure
- Working closely with the Pre-Sales team to review the RFPs and proposing the
required Solutions.
Project Management
- Supporting the project scope, gather client requirements, manage communications
- Identify project tasks/activities and develop project schedules.
- Collaborate with team members and project stakeholders
- ELectively communicate project objectives and goals
- Complete project activities on time, within budget and within scope
- Solve problems quickly, eLectively communicate solutions and associated risks
- Manage expectations and meet deadlines
Project Deliverables
- Develop implementation plans
- Prepare the Technical Solution Proposal document
- Prepare the High-Level Design (HLD) document
- Prepare the Low-Level Design (LLD) document
- Prepare Network Implementation Plan (NIP) document
- Prepare Network Migration Plan (NMP) document
- Prepare Network Ready For Use (NRFU) document
Minimum Qualifications
- Bachelor's degree or equivalent in Computer Science or related Engineering field
- Azure Security Engineer (AZ-500) certification (Preferred), with additional
certifications such as AZ-700 (Designing and Implementing Microsoft Azure
Networking Solutions) (Preferred)
- Designing Microsoft Azure Infrastructure Solutions (AZ-305) certification (Must)
- Cisco Certified Internetwork Routing and Switching/Security/Data Center
(CCIE)(preferred)
- Cisco Certified Network Professional in Collaboration (CCNP Collaboration)
(preferred)
- Palo Alto (PCNSE) or Fortinet NSE Certification (Must)
- VMware VCIX-NV (preferred)
- Azure solution Architect certified (preferred)
- F5 LTM/GTM certificate or equivalent vendor certificate (Preferred)
- ITIL foundation certification
Minimum Experience
- At least 13+ years' experience in Network Security field, with minimum of 2+ years in
Architect Role.
- Hands-on experience on designing and implementing Landing-Zone component
and the network security environment on Azure public cloud, including Azure native
& 3rd parties services
- Hands-on experience on security hardening and best practices.
- Hands-on experience of Network Virtualization technologies and SDN solutions,
such as NSX & ACI
- Hands-on experience in designing and implementing Data Center solutions, Legacy
3 tier & IP Fabric (Spine & Leaf) , with EVPN-VxLAN good knowledge
- Strong skills on producing and maintaining technical documentation like HLD, LLD
and Network diagrams etc.
- Experience with IP Telephony solutions
- Experience of Juniper/Cisco routing, switching and firewalling products.
- Expertise with Wireless network implementation
- Familiarity with PowerShell, Azure CLI, Terraform and ARM templates for automation
and infrastructure-as-code
- Strong Experience with hybrid cloud architectures and connectivity solutions
- Knowledge of compliance standards such as HIPAA, PCI-DSS, and ISO 27001
Preferred Qualifications
- Familiarity with Infrastructure Automation tools Including Terraform and Ansible
- Familiarity with containerization technologies like Docker and Kubernetes
- Knowledge of Python or other scripting languages for automation tasks
- Knowledge of CI/CD pipelines and DevOps practices
- CISSP, CCSP, or other relevant security certifications
Job Type: Full-time
Education:
- Bachelor's (Required)
Experience:
- Network Security field: 10 years (Required)
License/Certification:
- MS Azure Infrastructure Solution AZ-305 certificate (Required)
Work Location: In person
