IT Network & Operational Security Architect

Référence:
ITS1025

Experience

Contract

Location

Mission

Jobdescription:

The candidate must be able to design and implement new Network and Operational Security components, integrated with other IT components, with stability and service continuity as key factors of success.
He/she must also be able to assess and monitor the lifecycle of such components, to maintain supportability, stability and performance.
IT Infrastructure team also ensure the highest level of support, and is in charge of coordination, analysis, follow-up and resolution of incidents and problems. Support will be given in person or by coordination of internal and external partners.

Tasks : 

After a short period of onboarding, the candidate will be in charge of implementation and lifecycle of
Network and Operational Security products, on-premises or in the private and public cloud. This include the tasks below:


Design Network and Operational Security solutions, and participate to the design of solutions leveraging Network and Operational Security components;
Challenge designs proposed by partners with a focus on Network and Operational Security products;
Provide assistance during IT scope definitions, specifically in the Network and Operational Security scope;
Ensure fluid integration of Network and Operational Security products with other IT products, to ensure service continuity, performance and alignment with business needs;
Implement designed solutions by coordination as Technical Project Manager;
Ensure lifecycle follow-up for implemented Network and Operational Security products;
Drive evolution of Network and Operational Security implementations to anticipate and comply with business needs;
Maintain and upgrade solutions by coordination as Technical Project Manager;
Write and maintain documentation for Network and Operational Security implementations (new or existing);
Write and maintain manual procedures and/or tools to automate and standardize changes (new or existing implementations);
Define and document processes related to Network and Operational Security implementations (new or existing);
Participate to continuous improvement of Network and Operational Security implemented products;
Popularize Network and Operational Security products to make them understandable for business partners.

Profile

Profile :

The candidate should have 10 or more years of experience in IT, and at least 4 years of experience in Network and Operational Security architecture. Operational experience will not be taken into account for Network & Operational Security, only design and architecture experience.

The candidate must :

Be able to reach objectives defined as business requirements, in autonomy:
   o transform them into technical designs and technologies
   o select market-standards technologies
   o estimate workload and budget accurately
   o plan carefully
   o coordinate (and sometimes participate to) implementation
   o document and organize maintenance

Be assertive in relation with IT colleagues and business end users, with respect for ideas, skills and interests of all involved people
Have good analysis and troubleshooting capabilities to quickly extract the best solution from multiple (and sometimes contradictory) sources of information
Be able to stay efficient under pressure, and stay flexible with priorities reordering
Demonstrate initiative capabilities and ability to argue proposed solutions, in order to help management to choose the best solution
Be comfortable with Microsoft Office suite, diagraming software and techniques
Be certified in Cisco (operational and design) and at least one security technology implemented (preference for CheckPoint)
Being fluent in spoken and written French and English is mandatory, Dutch is an important bonus asset.


Technical Skills:

Network and related technologies

o IPV4
o L2 and L3 technologies
o DHCP
o DNS (split-brain, multiple layers, private and public, Windows and Linux-based)
o Multiple layers and multiple partners routing, over more than 200 sites, including partners sites
o QoS


Switching and routing (LAN & WAN)

o Cisco Catalyst/Nexus family connected with fiber and copper links
o Cisco 5520 Wireless Controllers + Access Points
o Cisco Routers (Mainly for Proximus Explore)
o Cisco Ironport Email security appliances
o Juniper switches


MPLS networks

o Proximus Explore (all over Belgium) over ADSL/VDSL/Fiber
o Proximus Explore Cloud Connect extension to Azure ExpressRoute West Europe
o Infonet connection to Germany through Cisco routers managed by BT

Firewalls

o Checkpoint Firewall, IDS/IPS, URL filtering, Reverse Proxy, Endpoint for S2S VPN
o Fortinet Fortigate with FortiManager
o Cisco ASA (P2S and S2S VPN)


Load balancers

o F5 Big-IP


Certificates

o GlobalSign SSL and Code Signing
o Let's Encrypt SSL


Microsoft

o Windows 7 to Windows 10
o Windows Server 2003 to Windows Server 2019
o Active Directory, Azure Active Directory, AAD Connect, ADFS 4.0
o DNS Server, DHCP Server, Network Policy Server
o Skype for Business 2016
o Microsoft Azure
o Microsoft 365 & Microsoft System Center Configuration Manager

Linux (Redhat)

o Zabbix
o Ansible
o DNS servers, DHCP servers
o NTP server
o Squid Reverse Proxy
o Tomcat


Non-infrastructure products with strong infrastructure integration

o IBM DataPower, IBM MQ, IBM IIB