Job Description:

　　Position Summary:

　　This role is responsible for defining an architectural vision and architecture for large, complex DMZs, which align with the enterprise architecture strategy, technology, and platform choices for the defined technology. Key responsibilities include describing the DMZ intent/associated operating environment, evaluating system impacts and determining the primary systems/subsystems and their interfaces, assisting with end-to-end solution design where needed, defining nonfunctional requirements/architectural runway to support new epics/features and expand into new opportunities. This role ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions. They also contribute to best practices, standard templates, and the architecture roadmap for defined domains.

　　Key Responsibilities:

　　Contribute in the creation of the architecture roadmap of defined technology domains in support of the product roadmap.Contribute to the development of best practices including standardized templates.Work across business and technology to create the solution intent and architectural vision for large complex solutions and evolve it based on an emerging requirements.Lead rapid shaping of a high-level architecture with details filled in with emerging business requirements; ensure architecture is flexible, modular, and designed to adapt easily.Facilitate solution driven discussions, lead the design of complex architectures, and find creative solutions through their knowledge of the domain, practical experiments, and Proof of Concepts (POCs).Clarify the architecture and assist with system design (where needed) for the development teams to support implementation and provide solution options to resolve any architectural impediments.Perform design and code reviews to ensure all nonfunctional requirements for a solution are sufficiently met (for example, security, performance, maintainability, scalability, usability, and reliability).Support the Principal Engineer as needed to select the technology stack required for solutions and help select preferred technology products.

　　Job Description

　　Technical DMZ network architect responsible for DMZ network project designs with focus on Hosting and DDOS solution designs. Also provide DMZ/Remote Access/SDWAN/Hosting/B2B/VPN Infrastructure Architecture for various LOB and B2B customers across various DMZ Zones including creation of network level HLD and LLD designs and solution delivery.

　　Assess design submissions for security compliance against baselines. Shepard requestors through technical challenges until designs are complete. Act in a liaison role between Global Information Security and as an escalation point for engineering / operations.

　　Self-starter who can lead projects. Must be able to troubleshoot multivendor solutions in lab or POC environments. Manage assigned networking projects, program components and deployments to deliver services in accordance with established company objectives. Maintain a thorough understanding of Network Infrastructure, IPv4/v6, IP Routing, DNS, Security, HTTP(S), VPN, and Network Monitoring tools.

　　Required Skills

　　Must have 10 plus years industry experience with technology domain experience and providing architecture solutionsMust have experience integrating solutions with Cloud provider environments such as MS Azure, AWS, Google, IBMMust have solid routing, switching, Arista, Cisco Nexus, Firepower/ASA, Fortinet router and DMZ/ISP experience.Must have a strong solid understanding of TCP/IP concepts, SDN, OSPF, BGP, VLAN, IPSEC, ISAKMP, PKI, QOS, Multicast, trunking/port-channeling, VRRP, FHRP protocols, enterprise level MPLS, VDC, flavors of VPC, SDN.Ability to utilize DDoS tools like Arbor and Prolexic/Akamai & F5/Silverline for mitigations to include Application layer, TCP state table and Bandwidth DDoS threats.Familiar with best practices to install and deploy various Arista & Cisco routing and switching platforms such as ISR, ASR, Catalyst and Nexus.Must have solid experience with large scale, complex network/DMZ environments and Authentication mechanisms (e.g. Active Directory, Ping federate)Experience with scripting languages

　　Desired Skills

　　Exposure to EOS and IOS-XR routingIPv6 Knowledge/experience to support certification testing of IPv6 capabilitiesExperience with automation and development of automation scripts. Python experience desirable.Experience with automation skills/tools such as: Arista CloudVision, Cisco NSO, Ansible, Netconf, YANGExperience test tools including Quali Cloud Shell, and Viavi Tera VMGeneral experience with security technologies, such as firewalls, intrusion detection, threat mitigationTechnology degree or substantial equivalent experience

　　Shift:

　　1st shift (United States of America)

　　Hours Per Week:

　　40