Cloud Architect - Network and Security

About the Role:

We are seeking a highly skilled and experienced Cloud Architect to design and implement network and security infrastructures in Data Centre On-Prem Campus and Public Cloud environments with an emphasis on Azure cloud. The candidate will have experience in technical solution proposals designing implementing integrating and migrating Network Security solutions. As an Architect/Technical Lead the candidate will be responsible for leading technical solution proposal workshops effort estimation for projects vendor engagements BoQ preparation client interactions supervising network and security deployment configurations and maintaining infrastructures.

Key Responsibilities:

• Design and Implement various Data center networking technologies including data center fabric (Spine & Leaf topology with Cisco ACI Juniper Apstra) and SDN (such as VMware NSX-T).
• Design and Implement Core and Perimeter firewalls for different technology providers such as Cisco Palo-Alto Fortinet and Juniper in on-prem and Public Cloud environments (mainly Azure cloud)
• Design and Implement the Network and Security environment on the Public Clouds with main focus on Azure cloud including the Landing-Zone and related Network Security components (native cloud and 3rd parties services) as per the design.
• Migration of on-prem infrastructure to public/private cloud environment and between On-Prem locations
• Design implement connectivity including Azure ExpressRoute Virtual WAN and VPN connections for Azure hybrid cloud environments
• Conduct regular security assessments and vulnerability scans of Azure resources and ensure alignment Azure Well Architected framework
• Design and Implement Azure Security Center Azure Sentinel and other security monitoring tools
• Develop and maintain disaster recovery and business continuity plans for Azure based systems
• Stay up to date with the latest Azure networking and security features and best practices
• Design & Implement Email Security solution
• Design and Implement VPN solution
• Design and Implement of Identity and Access management solution
• Design and Implement IPT and Collaboration environment
• Design and Implement Wireless networks
• Develop and maintain High level Design (HLD) and low-level designs (LLD) documents Network-Security diagrams Network-Security installation configuration & guides support procedures test plans and runbook
• Prepare the required Rack diagrams cabling power and capacity requirements work closely with the Passive infrastructure teams to ensure cabling power capacity are met and as required for Data Center hosting.
• Work closely with 3rd party technology providers when required.
• Conduct user acceptance testing and fully support the implementation team to troubleshoot any issues during the implementation phase
• Plan and execute the Operation Readiness process and Handover to end user
• Due-diligence exercises and information gathering for clients network-security infrastructure
• Working closely with the Pre-Sales team to review the RFPs and proposing the required Solutions.

Project Management:

• Supporting the project scope gather client requirements manage communications
• Identify project tasks/activities and develop project schedules.
• Collaborate with team members and project stakeholders
• Effectively communicate project objectives and goals
• Complete project activities on time within budget and within scope
• Solve problems quickly effectively communicate solutions and associated risks
• Manage expectations and meet deadlines
  

Project Deliverables:

• Develop implementation plans
• Prepare the Technical Solution Proposal document
• Prepare the High-Level Design (HLD) document
• Prepare the Low-Level Design (LLD) document
• Prepare Network Implementation Plan (NIP) document
• Prepare Network Migration Plan (NMP) document
• Prepare Network Ready For Use (NRFU) document

Required Skills & Qualifications:

• Bachelors degree or equivalent in Computer Science or related Engineering field
• Azure Security Engineer (AZ-500) certification (Preferred) with additional certifications such as AZ-700 (Designing and Implementing Microsoft Azure Networking Solutions) (Preferred)
• Designing Microsoft Azure Infrastructure Solutions (AZ-305) certification (Must)
• Cisco Certified Internetwork Routing and Switching/Security/Data Center (CCIE)(preferred)
• Cisco Certified Network Professional in Collaboration (CCNP Collaboration) (preferred)
• Palo Alto (PCNSE) or Fortinet NSE Certification (Must)
• VMware VCIX-NV (preferred)
• Azure solution Architect certified (preferred)
• F5 LTM/GTM certificate or equivalent vendor certificate (Preferred)
• ITIL foundation certification

Soft Skills & Experience:

• Exceptional English communication skills (both written and verbal).
• Prior experience working effectively with international clients.
• Ability to work independently manage time efficiently and meet deadlines within Gulf Standard Time (GST) working hours.
• At least 13 years experience in Network Security field with minimum of 2 years in
  Architect Role.
• Hands-on experience on designing and implementing Landing-Zone component and the network security environment on Azure public cloud including Azure native & 3rd parties services
• Hands-on experience on security hardening and best practices.
• Hands-on experience of Network Virtualization technologies and SDN solutions such as NSX & ACI
• Hands-on experience in designing and implementing Data Center solutions Legacy 3 tier & IP Fabric (Spine & Leaf) with EVPN-VxLAN good knowledge
• Strong skills on producing and maintaining technical documentation like HLD LLD and Network diagrams etc.
• Experience with IP Telephony solutions
• Experience of Juniper/Cisco routing switching and firewalling products.
• Expertise with Wireless network implementation
• Familiarity with PowerShell Azure CLI Terraform and ARM templates for automation and infrastructure-as-code
• Strong Experience with hybrid cloud architectures and connectivity solutions
• Knowledge of compliance standards such as HIPAA PCI-DSS and ISO 27001

Preferred Qualifications

• Familiarity with Infrastructure Automation tools Including Terraform and Ansible
• Familiarity with containerization technologies like Docker and Kubernetes
• Knowledge of Python or other scripting languages for automation tasks
• Knowledge of CI/CD pipelines and DevOps practices
• CISSP CCSP or other relevant security certifications

Join Our Team!

If you are a visionary in network and cloud security architecture with hands-on expertise in Azure SDN Data Center technologies and a passion for delivering enterprise-grade solutions we want you on our team! At the heart of our Cloud Center of Excellence (CoE) you will lead the design and implementation of cutting-edge infrastructure across hybrid and public cloud environments. Apply now to embark on a rewarding long-term journey with us.