Sr Engineer- Network & Security - Cloud CoE
Job Overview
To design and implement network and security infrastructures in Data Center, On-Premises,
Campus, and Public Cloud environments (with a primary focus on Azure cloud). The candidate
should possess experience in technical solution proposals, designing, implementing,
integrating, and migrating Network Security solutions. As a Technical Lead, you will be
responsible for leading technical workshops, project planning tasks, vendor engagements, Bill
of Quantity (BoQ) revisions, client interactions, supervising deployment configurations, and
maintaining the network and security infrastructures.
Key Accountabilities
Responsibilities
- Design and Implement various Data center networking technologies including data
center fabric (Spine & Leaf topology with Cisco ACI, Juniper Apstra) and SDN (such
as VMware NSX-T).
- Design and Implement Core and Perimeter firewalls for diLerent technology
providers, such as Cisco, Palo-Alto, Fortinet and Juniper, in on-prem and Public
Cloud environments (mainly Azure cloud)
- Design and Implement the Network and Security environment on the Public Clouds,
with main focus on Azure cloud, including the Landing-Zone and related Network-
Security components (native cloud and 3rd parties’ services) as per the design.
- Migration of on-prem infrastructure to public/private cloud environment, and
between On-Prem locations
- Design, implement connectivity including Azure ExpressRoute, Virtual WAN, and
VPN connections for Azure hybrid cloud environments
- Conduct regular security assessments and vulnerability scans of Azure resources,
and ensure alignment Azure Well Architected framework
- Design and Implement Azure Security Center, Azure Sentinel, and other security
monitoring tools
- Develop and maintain disaster recovery and business continuity plans for Azurebased
systems
- Stay up-to-date with the latest Azure networking and security features and best
practices
- Design & Implement Email Security solution
- Design and Implement VPN solution
- Design and Implement of Identity and Access management solution
- Design and Implement IPT and Collaboration environment
- Design and Implement Wireless networks
- Develop and maintain High level Design (HLD) and low-level designs (LLD)
documents, Network-Security diagrams, Network-Security installation
configuration & guides, support procedures, test plans and runbook
- Prepare the required Rack diagrams, cabling, power and capacity requirements,
work closely with the Passive infrastructure teams to ensure cabling, power,
capacity are met and as required for Data Center hosting.
- Work closely with 3rd party technology providers when required.
- Conduct user acceptance testing and fully support the implementation team to
troubleshoot any issues during the implementation phase
- Plan and execute the Operation Readiness process, and Handover to end user
- Due-diligence exercises and information gathering for client’s network-security
infrastructure (Assessment Exercise)
Project Management
- Perform the project scope, gather client requirements, manage communications
- Identify project tasks/activities and develop project schedules.
- Collaborate with team members and project stakeholders
- ELectively communicate project objectives and goals
- Complete project activities on time, within budget and within scope
Project Deliverables
- Develop implementation plans
- Prepare the Technical Solution Proposal document
- Prepare the High-Level Design (HLD) document
- Prepare the Low-Level Design (LLD) document
- Prepare Network Implementation Plan (NIP) document
- Prepare Network Migration Plan (NMP) document
- Prepare Network Ready for Use (NRFU) document
Minimum Qualifications
- Bachelor's degree or equivalent in Computer Science or related Engineering field
- Azure Security Engineer (AZ-500) certification (Preferred), with additional
certifications such as AZ-700 (Designing and Implementing Microsoft Azure
Networking Solutions) (Must)
- Azure solution Architect certified (AZ-305) (preferred)
- Cisco Certified Internetwork Routing and Switching/Security/Data Center
(CCIE)(preferred)
- Cisco Certified Network Professional (CCNP Routing and Switching/Security/Data
Centre/ Collaboration) (preferred)
- Palo Alto (PCNSE) or Fortinet NSE Certification (Must)
- VMware VCIX-NV (preferred)
- F5 LTM/GTM certificate or equivalent vendor certificate (Preferred)
- ITIL foundation certification
Minimum Experience
- 7 to 10 years' experience in Network Security field
- Hands-on experience on designing and implementing Landing-Zone component
and the network security environment on Azure public cloud, including Azure native
& 3rd parties services
- Hands-on experience on security hardening and best practices.
- Hands-on experience of Network Virtualization technologies and SDN solutions,
such as NSX & ACI
- Hands-on experience in designing and implementing Data Center solutions, Legacy
3 tier & IP Fabric (Spine & Leaf) , with EVPN-VxLAN good knowledge
- Strong skills on producing and maintaining technical documentation like HLD, LLD
and Network diagrams etc.
- Experience with IP Telephony solutions
- Experience of Juniper/Cisco routing, switching and firewalling products.
- Expertise with Wireless network implementation
- Familiarity with PowerShell, Azure CLI, Terraform and ARM templates for automation
and infrastructure-as-code
- Strong Experience with hybrid cloud architectures and connectivity solutions
- Knowledge of compliance standards such as HIPAA, PCI-DSS, and ISO 27001
Preferred Qualifications
- Familiarity with Infrastructure Automation tools Including Terraform and Ansible
- Familiarity with containerization technologies like Docker and Kubernetes
- Knowledge of Python or other scripting languages for automation tasks
- Knowledge of CI/CD pipelines and DevOps practices
Job Type: Full-time
Application Question(s):
- Are you Azure Solution Architect certified?
Education:
- Bachelor's (Required)
Experience:
- Network Security field: 7 years (Required)
Work Location: In person