Cloud Architect - Network and Security

We are seeking a highly skilled and experienced Cloud Architect to design and implement network and security infrastructures in Data Centre On-Prem Campus and Public Cloud environments with an emphasis on Azure cloud. The candidate will have experience in technical solution proposals designing implementing integrating and migrating Network Security solutions. As an Architect/Technical Lead the candidate will be responsible for leading technical solution proposal workshops effort estimation for projects vendor engagements BoQ preparation client interactions supervising network and security deployment configurations and maintaining infrastructures.

• Design and implement various data center networking technologies including data center fabric (Spine & Leaf topology with Cisco ACI Juniper Apstra) and SDN (such as VMware NSX-T).
• Design and implement core and perimeter firewalls for different technology providers such as Cisco, Palo Alto, Fortinet, and Juniper in on-prem and public cloud environments (mainly Azure).
• Design and implement the network and security environment on the public clouds with main focus on Azure, including the Landing-Zone and related Network Security components (native cloud and 3rd-party services) as per the design.
• Migration of on-prem infrastructure to public/private cloud environments and between on-prem locations.
• Design and implement connectivity including Azure ExpressRoute, Virtual WAN, and VPN connections for Azure hybrid cloud environments.
• Conduct regular security assessments and vulnerability scans of Azure resources and ensure alignment with the Azure Well-Architected Framework.
• Design and implement Azure Security Center, Azure Sentinel and other security monitoring tools.
• Develop and maintain disaster recovery and business continuity plans for Azure-based systems.
• Stay up to date with the latest Azure networking and security features and best practices.
• Design and implement Email Security solutions.
• Design and implement VPN solutions.
• Design and implement Identity and Access Management solutions.
• Design and implement IPT and collaboration environments.
• Design and implement wireless networks.
• Develop and maintain High-Level Design (HLD) and Low-Level Designs (LLD) documents, network-security diagrams, installation configurations & guides, support procedures, test plans and runbooks.
• Prepare required rack diagrams, cabling, power and capacity requirements; work closely with the Passive Infrastructure teams to ensure cabling and power capacity are met as required for data center hosting.
• Work closely with 3rd party technology providers when required.
• Conduct user acceptance testing and fully support the implementation team to troubleshoot issues during the implementation phase.
• Plan and execute the Operation Readiness process and handover to end users.
• Due-diligence exercises and information gathering for clients\' network-security infrastructure.
• Work closely with the Pre-Sales team to review the RFPs and propose the required solutions.

• Support the project scope, gather client requirements, and manage communications.
• Identify project tasks/activities and develop project schedules.
• Collaborate with team members and project stakeholders.
• Effectively communicate project objectives and goals.
• Complete project activities on time within budget and within scope.
• Solve problems quickly, effectively communicate solutions and associated risks.
• Manage expectations and meet deadlines.

• Develop implementation plans.
• Prepare the Technical Solution Proposal document.
• Prepare the High-Level Design (HLD) document.
• Prepare the Low-Level Design (LLD) document.
• Prepare Network Implementation Plan (NIP) document.
• Prepare Network Migration Plan (NMP) document.
• Prepare Network Ready For Use (NRFU) document.

• Bachelor’s degree or equivalent in Computer Science or related Engineering field.
• Azure Security Engineer (AZ-500) certification (Preferred) with additional certifications such as AZ-700 (Designing and Implementing Microsoft Azure Networking Solutions) (Preferred).
• Designing Microsoft Azure Infrastructure Solutions (AZ-305) certification (Must).
• Cisco Certified Internetworking Expert (CCIE) or related certifications (preferred).
• Cisco Certified Network Professional in Collaboration (CCNP Collaboration) (preferred).
• Palo Alto (PCNSE) or Fortinet NSE Certification (Must).
• VMware VCIX-NV (preferred).
• Azure Solutions Architect certification (preferred).
• F5 LTM/GTM certificate or equivalent vendor certificate (Preferred).
• ITIL foundation certification.

• Exceptional English communication skills (both written and verbal).
• Prior experience working effectively with international clients.
• Ability to work independently, manage time efficiently, and meet deadlines within Gulf Standard Time (GST) working hours.
• At least 13 years of experience in Network Security, with a minimum of 2 years in an Architect role.
• Hands-on experience designing and implementing Landing-Zone components and the network security environment on Azure public cloud including Azure native & 3rd party services.
• Hands-on experience on security hardening and best practices.
• Hands-on experience of Network Virtualization technologies and SDN solutions such as NSX and ACI.
• Hands-on experience in designing and implementing Data Center solutions (Legacy 3-tier & IP Fabric with EVPN-VxLAN) with good knowledge.
• Strong skills in producing and maintaining technical documentation like HLD, LLD and Network diagrams.
• Experience with IP Telephony solutions.
• Experience of Juniper/Cisco routing, switching and firewalling products.
• Expertise with wireless network implementation.
• Familiarity with PowerShell, Azure CLI, Terraform and ARM templates for automation and infrastructure-as-code.
• Strong experience with hybrid cloud architectures and connectivity solutions.
• Knowledge of compliance standards such as HIPAA, PCI-DSS and ISO 27001.

• Familiarity with infrastructure automation tools including Terraform and Ansible.
• Familiarity with containerization technologies like Docker and Kubernetes.
• Knowledge of Python or other scripting languages for automation tasks.
• Knowledge of CI/CD pipelines and DevOps practices.
• CISSP, CCSP or other relevant security certifications.

If you are a visionary in network and cloud security architecture with hands-on expertise in Azure SDN Data Center technologies and a passion for delivering enterprise-grade solutions we want you on our team! At the heart of our Cloud Center of Excellence (CoE) you will lead the design and implementation of cutting-edge infrastructure across hybrid and public cloud environments. Apply now to embark on a rewarding long-term journey with us.