Network Security Architect

We are seeking a highly skilled Network Security Architect to design, implement, and maintain secure network infrastructures. This role involves developing robust security frameworks, integrating advanced security tools and ensuring compliance with security best practices. The ideal candidate will have extensive experience in firewalls, encryption, zero-trust security, and intrusion prevention systems while collaborating with cross-functional teams to enhance cybersecurity resilience.

Key Responsibilities:

• Network Security Architecture: Design and implement secure network architectures, ensuring compliance with industry standards and best practices.
• Firewall & Intrusion Prevention: Configure, monitor, and optimize firewalls, IDS/IPS, and other network security solutions to protect against cyber threats.
• Secrets Management: Implement and manage HashiCorp Vault for secure storage, access control, and lifecycle management of credentials, certificates, and API keys.
• Encryption & Data Protection: Deploy encryption mechanisms (AES, RSA, TLS) to protect data in transit and at rest.
• Zero-Trust Security: Develop a zero-trust architecture (ZTA) by implementing strict identity verification, least privilege access, and network segmentation.
• VPN & Secure Network Protocols: Implement and manage VPN solutions, IPsec, SSH, HTTPS, and other secure protocols to protect data transmission.
• Access Control & Identity Management: Ensure strong authentication (including MFA) and role-based access control (RBAC) for network resources.
• Threat Detection & Response: Deploy and maintain SIEM, SOC, and incident response frameworks to monitor and mitigate security incidents.
• Cloud & Hybrid Security: Secure cloud environments (AWS, Azure, GCP) with cloud-native security tools and secrets management.
• Security Compliance & Audits: Ensure adherence to industry standards such as ISO 27001, NIST, GDPR, SOC 2, and CIS benchmarks.
• Patch & Vulnerability Management: Regularly update network security tools and perform vulnerability assessments to mitigate risks.

Required Skills & Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 10+ years of experience in network security architecture, design, and implementation.
• Strong knowledge of firewalls (Palo Alto, Cisco, Fortinet), IDS/IPS, VPN, and SIEM solutions.
• Experience in secrets management with HashiCorp Vault, cybersecurity automation, and PKI infrastructure.
• Hands-on experience with encryption standards, authentication protocols, and network segmentation.
• Proficiency in scripting or automation (Python, Bash, PowerShell, Terraform, Ansible) for security operations.
• Familiarity with Zero-Trust models, IAM frameworks, and compliance standards.
• Certifications such as CISSP, CISM, CEH, CCSP, or HashiCorp Vault Associate/Expert are a plus.