Job Description

Key Responsibilities

1. Network & Security Architecture Design

• Design end‑to‑end enterprise network and security architectures covering LAN, WAN, WLAN, SD‑WAN, data center, cloud networking, internet edge, DMZs, and remote access
• Define security‑by‑design patterns including network segmentation, zero‑trust principles, secure inter‑zone communication, and high availability
• Ensure redundancy, failover, and resilience are built into all designs
• Produce architecture diagrams, reference architectures, and low‑level designs

2. Security Controls & Technology Architecture

• Architect and standardize enterprise use of technologies such as NGFWs, IDS/IPS, VPNs (site‑to‑site and remote), NAC, secure web gateways, and DDoS protection
• Evaluate, recommend, and design integration of new and emerging security technologies
• Ensure controls are layered, consistent, integrated, and auditable

3. Enterprise Standards, Policies & Governance

• Define and maintain network and security architecture standards, design principles, guardrails, and approved technology stacks
• Review and approve solution designs from application teams, cloud teams, and System Integrators / MSPs
• Ensure compliance with enterprise security policies, architecture standards, and regulatory requirements

4. Risk Assessment & Threat Modeling

• Perform architecture‑level risk assessments for new platforms, cloud migrations, and external integrations
• Lead threat modeling and defense‑in‑depth reviews
• Ensure security risks and vulnerabilities are mitigated by design, not solely through point solutions

5. Cloud, Hybrid & Zero‑Trust Architecture

• Design secure cloud, hybrid, and SaaS connectivity models across AWS, Azure, and GCP
• Define zero‑trust network access and identity‑aware networking patterns
• Ensure seamless integration of cloud network designs with enterprise security controls

6. Managed Services & SI Alignment

• Act as client‑side architecture authority in SI‑led and managed services environments
• Review, challenge, and approve third‑party designs and implementations
• Ensure operational teams can run solutions securely while meeting SLAs and security obligations
• Prevent non‑standard implementations and technology sprawl

7. Incident Support, Resilience & Assurance

• Provide architectural guidance during major incidents, security events, and root cause analyses
• Ensure designs enable rapid recovery, minimal blast radius, and effective fault isolation

Required Skills & Experience

Technical

• Deep expertise in enterprise networking, segmentation, and network security architectures
• Hands‑on experience with firewalls, IDS/IPS, VPNs, hybrid and cloud networking
• Strong knowledge of zero‑trust and identity‑aware architectures
• Excellent design documentation and modeling skills

Soft Skills

• Strong stakeholder communication and executive engagement
• Ability to translate technical risk into business impact
• Design authority mindset without micromanagement
• Confident in challenging vendors and System Integrators

Qualifications

• Bachelor’s degree in Computer Science, IT, Engineering, or related field
• Preferred certifications: CCNP/CCIE, CISSP/CISM, and/or Cloud Security certifications