7 Firewall Architecture Jobs

Lead the deployment of Cisco SD-WAN, Cisco ACI and network segmentation security strategies to enhance security and optimize network performance across multiple sites. Define the security architecture strategy for the organization, ensuring the network infrastructure is aligned with the latest security standards, compliance frameworks (e.g., NIST, ISO 27001), and business objectives. Architect highly scalable, secure, and high-performance Cisco-based security solutions for both on-premises and cloud environments, incorporating Cisco SD-WAN , next-gen firewalls , cloud security , and Zero Trust principles. Provide technical leadership in the integration of Cisco security solutions into complex multi-cloud environments, ensuring that security is embedded in all aspects of the network. Define and implement security frameworks to ensure the confidentiality, integrity, and availability of organizational data and assets, using Cisco’s security technologies such as Cisco ISE (Identity Services Engine) for network access control and Cisco Talos for threat intelligence and Splunk Work closely with other architects, network engineers, and security operations teams to develop a comprehensive end-to-end network security strategy that includes risk assessments, threat modeling, and secure design patterns. Lead the deployment of Cisco SD-WAN and network segmentation strategies using Cisco ACI to enhance security and optimize network performance across multiple sites. Advise stakeholders on emerging network security trends , including the integration of cloud-native security technologies, and ensure that the organization is prepared for the evolving threat landscape. Collaborate with DevOps and cloud teams to incorporate security as part of the CI/CD pipeline and automate security checks at every stage of application delivery. Review and enhance network security policies , ensuring they reflect best practices and are in line with industry standards. Manage the security governance process for the organization’s network infrastructure. Mentor and guide junior architects and network security engineers, sharing knowledge and driving best practices in the architecture and implementation of Cisco network security solutions. Engage with vendors , stakeholders, and third-party partners to evaluate new Cisco technologies and security solutions that can be leveraged to strengthen network defenses. Continuously assess the security posture of network infrastructure, utilizing Cisco Stealthwatch , SecureX , and other tools to detect and respond to potential threats. Knowledge of the CISCO AI tools Knowledge of different vulnerability assessments tools. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Bachelor’s degree in Information Technology, Cybersecurity, Networking, or a related field (or equivalent work experience). 5+ years of experience in network security architecture with a strong focus on Cisco technologies, such as Cisco Secure Firewall (formerly Firepower), Cisco ASA, Cisco Umbrella, Cisco SecureX, Cisco ISE, Cisco Secure Network Analytics (formerly Stealth watch), Cisco Duo Security, Cisco Secure Access by Duo, and Cisco Cloud Security. Proven expertise in designing and implementing next-gen firewall architectures. Strong experience architecting and implementing Cisco cloud security solutions in multi-cloud environments (AWS, Azure, GCP), Cloud Firewalls, IPSec, Load Balancers and other virtual appliances Expertise in Zero Trust Architecture (ZTA) and its integration with Cisco security solutions . In-depth knowledge of Cisco ACI for secure network segmentation and application-centric security in data centers. Extensive experience in network risk management and security compliance frameworks (e.g., PCI-DSS, HIPAA, GDPR). Experience working with Cisco SecureX , Cisco Talos , and other Cisco tools for threat intelligence and network monitoring. Strong leadership skills with a proven track record of guiding cross-functional teams and senior leadership on strategic decisions related to network security architecture. Advanced proficiency in security automation and orchestration, including using Cisco’s automation tools to improve security operations. Strong understanding of cloud-native network security and integrating security into cloud environments. Excellent communication skills and the ability to present complex security concepts to both technical and non-technical stakeholders. Preferred technical and professional experience CCIE Security or CCNP Security certification (or equivalent). Deep understanding of Cisco Meraki and Cisco Talos threat intelligence platforms. Experience in architecting Secure SD-WAN solutions with Cisco Viptela and Cisco Meraki . Familiarity with micro-segmentation and implementing Cisco ACI in a multi-cloud environment. Expertise in securing IoT networks using Cisco security solutions. Knowledge of Cisco Identity Services Engine (ISE) and its integration into large-scale network security architectures.

Technology | Network Engineering | Network Automation Use cases, Development of Domain | Technologies in Instrumentation, Controls, Automation | Industrial Networking Technology | Networking Context | Large Multi Location Enterprise Technology | Network Support | L3 Support Technology | Network Administration | SDWAN, Configuration and Troubleshooting of Education Qualification : Engineer - B.E / B.Tech / MCA Hardware and Network: 1. Analyze business requirements to develop a blueprint for a complex large-scale integrated network. 2. Evaluate alternative technologies and architectures in relation to the customer`s infrastructure needs. 3. Interface with the management and vendors to develop and implement new solutions to meet the business requirements. 4. Wing2wing project execution from planning, designing, implementation, vendor and customer management for multiple projects. VPN: 1. Develop configuration standards, architecture and functionalities for deployment according to the company`s security policies. 2. Standards on Hashing, Encryption, Key Exchange and Groups. 3. Recommend product lines and deployment plan as per the company`s requirements. Security Standard Implementation Proxy 1. Plan, design and standardize Proxy Architecture - Integration for authentication, HA, Management (Central Console). 2. Define reporting parameters: Bandwidth utilization and session utilization per user. 3. Categorization of access rules for groups as per the company`s compliance guidelines. Firewall: 1. Understand the customer`s requirement and map the hardware to the design. 2. Build Framework for Firewall Redundancy. 3. Define the monitoring parameters as per the compliance requirement. Load Balancing: 1. Build Framework for LB, monitoring and manageability. 2. Design parameters in accordance to compliance and the customer`s requirement. Technical Skills: 1. Network components and devices. 2. Virtual Private Network (VPN) connection security. 3. Proxy, Firewalls and Network Load Balancing. Behavioral Skills: 1. Email communication, presentation and public speaking. 2. Strategic thinking, transactions processing and planning . 3. Analytical thinking and scientific temperament. 4. Interpersonal skills and nurturing relationships. 5. Customer Service orientation and business appreciation.

Offsite technical implementation, installation, and configuration of hardware Fortinet, Checkpoint ,cisco FTD Firewalls, IPS Router NAT configuration on firewall. vulnerabilities User Account Management Incident& Problem Management

JOB RESPONSIBILITIES Profile Experience Build a good knowledge of the products & technologies; in which DC/Hosting industry is operating and ensure timely intelligence to provide best of the service to customers. Should have leadership skills, team player and ready to manage team in complex situations and environment. Should have worked in Datacenter environment and understand the complexity. Managing multiple customers for new project implementation, management of services and support. Technical Abilities: Defines, documents, and enforces system standards. Maximizes performance by troubleshooting network problems and outages and scheduling upgrades. Collaborates with network architects on network optimization. Secures network system by establishing and enforcing policies and defining and monitoring access. Accomplishes information systems and organization mission by completing related results as needed. Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS) Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations Monitor system resource utilization, trending, and capacity planning Provide Level-2/3 support and troubleshooting to resolve issues Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure Install and manage various network equipments i.e. Cisco, HP, Dell, Aruba, Juniper etc. Having Firewall knowledge of Fortinet, SOPHOS, Palo Alto, SonicWALL, PfSense, Juniper will be preferred. Hands-on knowledge of network & security topologies and clear understanding the live environment and troubleshooting. Should be able to understand the hybrid (On prime & Cloud) network & security environment and manage it. Should be able to create and manage BGP, IP Sec or SSL VPN, VLAN, Netting, Petting etc. Select and implement security tools, policies, and procedures in conjunction with the companys security team Liaise with vendors and other IT personnel for problem resolution Role & Manageability: Maintain a pro-active and creative approach to support situations and customers Build trust, social activities & public relations with key account customers, work on solving their problems and respond to their requests any time Promote the companys image through attitude, professionalism, knowledge, customer orientation and responsiveness to customer’s needs Reporting Focus on providing, managing the technical support. Provide technical reporting, feedback, new solutions to the management. JOB REQUIREMENTS Academic Education: Bachelor degree / Technical degree Experience: Minimum 2+ years and above experience in technical / support. Experience in datacenter environment and its knowledge will be preferred. Clear technical role & achievements track record Skills: Skills in presenting & managing team and ready to work 24X7 if needed. Good communication and presentation skills Team player who is flexible and excels in an entrepreneurial environment Ability to work under pressure Dynamic, rigorous & self-directed personality Exhibits self-confidence, energy and enthusiasm Fluent in English would be a plus Others: Preferably Male Residing in and around Noida only.

Description Generic JD Job Responsibilities Lead cyber security initiatives and projects for the organization Work with security partners or MSP to ensure all the security due diligence is done as per best practices Design and update correlation rules based on security control situation and cyber threat circumstances, as well as create and maintain correlation guidelines and review process Determine security requirements by evaluating business policies and requirements; research information security solutions; perform system security and vulnerability scans and risk assessments; study the architecture/platform Define security strategies by specifying intrusion detection methodologies and equipment; lead the installation and calibration of equipment and software; prepare preventive and reactive measures; complete documentation Lead technology architecture practices related to Cloud infrastructure Improve the achievements and skills of the security team by planning the delivery of solutions; answer technical and procedural questions for less experienced team members; teaching improved processes; mentor team members Perform threat hunting and incident investigation over logs from SIEM Run vulnerability scans, pen. tests for IT and OT networks and remediate security gaps Respond to security incidents and analyze alerts, thresholds, logs, and threat cases Manage O365 platform and device security and improvements Monitor cloud platforms security and fine tune security dashboards and alerts Hardening of network firewall, switches, desktops and servers Conduct regular user trainings on cyber education and security policies Support technical forensic investigations Submit daily, weekly, monthly security reports to IT leadership based on risk ratings Research and evaluate new cybersecurity threats, IT trends and security controls Multitasking in high stress situations while ensuring that no details are missed Exercising good judgement when dealing with issues and ensuring a sense of urgency in their resolution while remaining calm and focused Experience with physical security standards would be plus Taking the initiative and working proactively with minimal supervision is a must Qualifications Bachelors degree or college diploma in Computer Engineering, Computer Science, or a related field, or equivalent training and experience and proven 5 to 7 years hands-on experience inIdentity and access management Cisco and other firewall architecture and integration Cyber threat hunting, research and mitigation Vulnerability assessment and pen testing Knowledge of MS Azure security, MS defender, Intune is a must Hands-on experience in cyber defense with experience in OT security would be an advantage. e.g., Experience in consulting, security monitoring, attack detection, incident response, forensics, or security engineering Experience with Intrusion Detection Systems (IDS) technologies and firewall IOCs, Analyze and/or decipher packet captures from network protocol analyzers (Wireshark, TCPdump, Nessus, Tenable etc) Experience with the full lifecycle of IT security including device provisioning, commissioning, and remote device management layers Good familiarity with manufacturing plant environment systems, Perdue model, ISA-95, cabling infrastructure, Cisco CPwE architecture and plant VLANs security layers Excellent up-to-date technical and hands-on knowledge/experience in current attack methods, detection approaches, state-of-the-art detection tools (e.g., SIEM, anomaly detection, etc), protection concepts (defense-in-depth, network protection, endpoint protection, cloud protection) Ability to manage conflicting priorities under tight deadlines with limited supervision Able to work in managed service environment and familiar with ITIL process methodologies for support and escalations Excellent knowledge of Active directory and MS Azure security policies, DNS,DHCP and TCP/IP protocols IT security related certifications such as Security+, Network+, CEH, CCIE, CCNP, PMP etc. would be an advantage NIST, ITIL Cybersecurity framework Good hands-on and strong can-do attitude Ability to drive projects by themselves and willingness to support business inititives and cross functional teams Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade D Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility No Global Role Family To be defined Local Role Name To be defined Local Skills English;IT security;identity and access management;architecture Languages RequiredENGLISH Role Rarity To Be Defined

Role & responsibilities: We are seeking a skilled and proactive IT Network, Security and Cloud Administrator to join our team. This role is responsible for managing and maintaining our network infrastructure, ensuring optimal performance, security, and reliability. The ideal candidate should be expertised in firewall, switch, WiFi administration, Active Directory, CrowdStrike, Zscaler, Google Workspace, Manage Engine - UEM, ServiceDesk, AD Self-Service, Cloud(AWS), and other related IT systems. Key Responsibilities: 1. Network Setup and Configuration: Install, configure, and maintain network hardware (firewalls, switches, access points) and software. Create and manage firewall policies, site-to-site VPNs, routing, Wi-Fi, VLANs, and Radius & LDAP for VPN/WiFi access. 2. Security Management: Implement and maintain security measures to protect the network from unauthorised access, viruses, and other threats. Set up firewalls, and intrusion detection systems, and conduct regular security audits. 3. Troubleshooting and Maintenance: Diagnose and resolve network issues promptly to minimise downtime. Monitor network performance, identify bottlenecks, and implement optimisation solutions. 4. Upgrades and Updates: Stay updated with the latest technology trends. Implement network upgrades or updates to improve performance, security, and efficiency. 5. Documentation and Reporting: Maintain detailed documentation of network configurations, procedures, and changes. Generate reports on network performance and security status for management. 6. Active Directory Administration: Manage user and group accounts, permissions, and access control. Design and maintain the OU structure, manage GPOs, and ensure security and access control. Integrate and manage DNS and DHCP services within Active Directory. 7. CrowdStrike Administration: Deploy and configure CrowdStrike agents, and manage endpoint protection settings. Handle alerts, conduct threat hunting, and optimise policies based on threat intelligence. 8. Zscaler Administration: Deploy Zscaler agents, configure initial settings, and manage security policies. Monitor threats in real time and respond to incidents. 9. Google Workspace Migration: Manage user accounts and groups, secure data with DLP policies, and handle Google Workspace service health and updates. Provide user support and troubleshoot issues. 10. Manage Engine - UEM Administration: Enrol and configure devices, apply security policies and manage app deployments. Monitor devic health and compliance, and provide technical support. 11. ServiceDesk Administration: Install and configure ServiceDesk Plus, customise modules, and manage incidents and problems. Oversee change and release management, asset tracking, and SLA compliance. Maintain a knowledge base and self-service portals. 12. AD Self Service : Configure self-service password reset policies, multi-factor authentication, and password synchronisation. Generate reports on password reset activities and compliance status. 13. Cloud (AWS) Administration: Manage IAM users and roles, provision EC2 instances, and handle S3 storage. Configure VPCs, load balancers, backup policies, and disaster recovery strategies. 14. Other Activities: Manage AUA/KUA server environments, firewalls, WAFs, and VPNs. Set up and manage disaster recovery environments, EC2 replication, and file store backups to S3. Handle SOC management and log management for critical devices. Preferred candidate profile: Masters/Bachelors degree in Computer Science, Information Technology, or a related field. Minimum 8+ years of experience in network and security administration. Proficiency in firewall, switch, and Wi-Fi administration. Strong knowledge of Active Directory, CrowdStrike, Zscaler, Google Workspace, Manage Engine UEM, ServiceDesk, AD Self-Service, and AWS. Excellent troubleshooting skills and the ability to diagnose and resolve network issues. Strong understanding of security principles and best practices. Excellent documentation and reporting skills. Relevant certifications (e.g., CCNA, CISSP, AWS Certified Solutions Architect) are added advantage. Perks and benefits: Up to INR 24 lakhs per annum

Lead the deployment of Cisco SD-WAN, Cisco ACI and network segmentation security strategies to enhance security and optimize network performance across multiple sites. Define the security architecture strategy for the organization, ensuring the network infrastructure is aligned with the latest security standards, compliance frameworks (e.g., NIST, ISO 27001), and business objectives. Architect highly scalable, secure, and high-performance Cisco-based security solutions for both on-premises and cloud environments, incorporating Cisco SD-WAN , next-gen firewalls , cloud security , and Zero Trust principles. Provide technical leadership in the integration of Cisco security solutions into complex multi-cloud environments, ensuring that security is embedded in all aspects of the network. Define and implement security frameworks to ensure the confidentiality, integrity, and availability of organizational data and assets, using Cisco’s security technologies such as Cisco ISE (Identity Services Engine) for network access control and Cisco Talos for threat intelligence and Splunk Work closely with other architects, network engineers, and security operations teams to develop a comprehensive end-to-end network security strategy that includes risk assessments, threat modeling, and secure design patterns. Lead the deployment of Cisco SD-WAN and network segmentation strategies using Cisco ACI to enhance security and optimize network performance across multiple sites. Advise stakeholders on emerging network security trends , including the integration of cloud-native security technologies, and ensure that the organization is prepared for the evolving threat landscape. Collaborate with DevOps and cloud teams to incorporate security as part of the CI/CD pipeline and automate security checks at every stage of application delivery. Review and enhance network security policies , ensuring they reflect best practices and are in line with industry standards. Manage the security governance process for the organization’s network infrastructure. Mentor and guide junior architects and network security engineers, sharing knowledge and driving best practices in the architecture and implementation of Cisco network security solutions. Engage with vendors , stakeholders, and third-party partners to evaluate new Cisco technologies and security solutions that can be leveraged to strengthen network defenses. Continuously assess the security posture of network infrastructure, utilizing Cisco Stealthwatch , SecureX , and other tools to detect and respond to potential threats. Knowledge of the CISCO AI tools Knowledge of different vulnerability assessments tools. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Bachelor’s degree in Information Technology, Cybersecurity, Networking, or a related field (or equivalent work experience). 5+ years of experience in network security architecture with a strong focus on Cisco technologies, such as Cisco Secure Firewall (formerly Firepower), Cisco ASA, Cisco Umbrella, Cisco SecureX, Cisco ISE, Cisco Secure Network Analytics (formerly Stealth watch), Cisco Duo Security, Cisco Secure Access by Duo, and Cisco Cloud Security. Proven expertise in designing and implementing next-gen firewall architectures. Strong experience architecting and implementing Cisco cloud security solutions in multi-cloud environments (AWS, Azure, GCP), Cloud Firewalls, IPSec, Load Balancers and other virtual appliances Expertise in Zero Trust Architecture (ZTA) and its integration with Cisco security solutions . In-depth knowledge of Cisco ACI for secure network segmentation and application-centric security in data centers. Extensive experience in network risk management and security compliance frameworks (e.g., PCI-DSS, HIPAA, GDPR). Experience working with Cisco SecureX , Cisco Talos , and other Cisco tools for threat intelligence and network monitoring. Strong leadership skills with a proven track record of guiding cross-functional teams and senior leadership on strategic decisions related to network security architecture. Advanced proficiency in security automation and orchestration, including using Cisco’s automation tools to improve security operations. Strong understanding of cloud-native network security and integrating security into cloud environments. Excellent communication skills and the ability to present complex security concepts to both technical and non-technical stakeholders. Preferred technical and professional experience CCIE Security or CCNP Security certification (or equivalent). Deep understanding of Cisco Meraki and Cisco Talos threat intelligence platforms. Experience in architecting Secure SD-WAN solutions with Cisco Viptela and Cisco Meraki . Familiarity with micro-segmentation and implementing Cisco ACI in a multi-cloud environment. Expertise in securing IoT networks using Cisco security solutions. Knowledge of Cisco Identity Services Engine (ISE) and its integration into large-scale network security architectures.