Network Architect

Network Architect

Job Summary:

We are looking for a highly experienced Network Architect with 10+ years of experience in designing, implementing, and securing complex enterprise networks. The ideal candidate must have strong expertise in Check Point firewalls, network security, and cloud networking, ensuring high availability, security, and scalability of network infrastructure.

Key Responsibilities:

1. Network Architecture & Design:

• Design and implement scalable, high-performance network architectures for enterprise environments.
• Define and enforce networking standards, policies, and best practices
• Develop secure, redundant, and high-availability network designs for data centers, branch offices, and cloud environments.
• Evaluate and recommend network technologies, hardware, and software to optimize performance.

2. Firewall & Security (Checkpoint Expertise Required):

• Configure, manage, and optimize Check Point Firewalls (NGFW, R80.x, R81.x, VSX, Maestro, SandBlast, IPS, and VPNs).
• Design and implement firewall policies, rule sets, and security zones to align with industry best practices.
• Conduct firewall performance tuning, troubleshooting, and security audits.
• Implement intrusion detection and prevention (IDS/IPS) solutions and enforce Zero Trust Network principles.
• Stay updated with Check Point's emerging technologies, threat intelligence, and security patches.

3. Network Administration & Optimization:

• Oversee the configuration, monitoring, and maintenance of enterprise LAN, WAN, MPLS, SD-WAN, and VPN infrastructures.
• Implement QoS, traffic shaping, and network segmentation to enhance performance and security.
• Ensure network redundancy, failover, and load balancing for mission-critical applications.
• Troubleshoot complex network performance issues and lead root cause analysis.

4. Cloud & Hybrid Networking:

• Design and implement secure cloud networking solutions on AWS, Azure, and Google Cloud.
• Integrate cloud-native security controls and firewalls with Check Point CloudGuard.
• Deploy VPNs, ExpressRoute, Direct Connect, and SD-WAN solutions for hybrid cloud connectivity.
• Ensure secure API and container-based networking within cloud and microservices environments.

5. Network Security & Compliance:

• Ensure compliance with ISO 27001, NIST, PCI-DSS, GDPR, and other regulatory standards.
• Implement Zero Trust Security, Network Access Control (NAC), and micro-segmentation.

• Conduct vulnerability assessments, penetration testing, and risk mitigation for network security.
• Work with cybersecurity teams to integrate SIEM (Splunk, Sentinel, QRadar) and threat intelligence solutions.

6. Network Automation & Monitoring:

• Deploy and manage network monitoring tools (SolarWinds, PRTG, Nagios, Zabbix) for proactive issue detection.
• Automate network operations using Python, Ansible, Terraform, and REST APIs.
• Implement log management and correlation for security event detection.
• Optimize network configuration management using NCM and compliance reporting tools.

7. Technical Leadership & Documentation:

• Act as a subject matter expert (SME) for networking and security architectures.
• Provide mentorship and technical guidance to junior network engineers and security teams.
• Develop and maintain network diagrams, SOPs, technical documentation, and security policies.
• Collaborate with cross-functional teams (Cloud, Security, DevOps, Infrastructure) to align network strategies with business goals.

Required Skills & Qualifications:

Education & Certifications:

• Bachelor's or Masters degree in Computer Science, Network Engineering, or a related field.

• Checkpoint Certified Security Expert (CCSE) or Checkpoint Certified Security Master (CCSM) REQUIRED.

Additional certifications preferred:

• Cisco CCNP/CCIE (Enterprise, Security, or Data Center)
• Fortinet NSE4/NSE7 (a plus)
• Palo Alto PCNSE (a plus)
• AWS/Azure Networking Certifications (AWS Advanced Networking, Azure Network Engineer Associate)

Technical Skills:

• Expert-level experience with Check Point Firewall platforms (R80.x, R81.x, VSX, Maestro, SandBlast, IPS, and VPNs).
• Strong expertise in network protocols (BGP, OSPF, EIGRP, VXLAN, MPLS, SD-WAN).
• Experience with Cisco, Juniper, Palo Alto, Fortinet, and Aruba network solutions.
• Hands-on knowledge of Layer 2/3 switching, VLANs, STP, and redundancy protocols (HSRP, VRRP, GLBP).
• Proficiency in network security solutions (NGFW, IPS/IDS, SIEM, NAC, DDoS protection).
• Deep understanding of cloud networking and firewall integrations (AWS/Azure CloudGuard, VPC, VNET Peering, Direct Connect, ExpressRoute).
• Scripting and automation skills in Python, Ansible, Terraform, or PowerShell.

Soft Skills:

• Strong analytical and problem-solving abilities.
• Excellent communication, documentation, and stakeholder management skills.
• Ability to lead teams, mentor engineers, and manage multiple projects simultaneously.
• Self-motivated with a passion for cybersecurity, network engineering, and automation.