Offres d'emploi
Trouvez des postes près de chez vous, sur site, hybrides ou à distance.- Emplois similaires à : Lead Network & Security Architect
Lead Network & Security Architect
CelesticaRichardsonLead Network & Security Architect Summary We are seeking a highly experienced and meticulous Lead Network & Security Architect to join the IT Support team for the Hardware Platform Solutions (HPS) gro
Air-Gapped Network & Security Architect Lead
CelesticaRichardsonCelestica Inc. is looking for a Lead Network & Security Architect to join their IT Support team in Richardson, Texas. The successful candidate will lead the implementation of global Research and Devel
Network Security Architect
ConduentNew YorkNetwork Security Architect Key ResponsibilitiesDesign and implement robust and efficient network architecture solutions on Palo Alto firewalls, F5 load balancers, Meraki, and Azure.Maintain and update
Senior Network & Security Architect
MUFGLondonKey Responsibilities Network Systems Support Engineer is responsible for supporting the MUFG EMEA data network and all other aspects of networking, including firewall and network infrastructure.Incide
Senior Network Security & Cloud Architect
Hewlett Packard Enterprise Development LPSan JoseHewlett Packard Enterprise Development LP is seeking a Senior Network Security & Cloud Developer to lead design and development efforts for secure cloud applications. This role emphasizes mentoring an
Hybrid IT Security Architect - Lead Cloud & Network Defense
Michael Page International (Belgium)Cedar GroveMichael Page International (Belgium) is seeking a cybersecurity professional to lead and oversee network, systems, and security administration. The successful candidate will ensure the performance and
Lead Computer Network Architect (TS/SCI) - Design & Security
CACI InternationalAnnapolisCACI International Inc. is seeking a Computer Network Architect 4 in Maryland. The successful candidate will design and implement complex networks that meet organizational needs, analyze business requ
Senior Network Security Architect - Remote
9005 CVS Pharmacy, Inc.Woonsocket9005 CVS Pharmacy, Inc. is seeking a Sr. Network Engineer in Woonsocket, RI. The successful candidate will ensure the security, stability, and efficiency of the network infrastructure, with responsibi
Senior Network Security Architect - Infrastructure
Dormont Manufacturing CompanyJohnson CityDormont Manufacturing Co is seeking a Senior Technical Advisor in Binghamton, NY. This role involves implementing enterprise network security solutions, managing critical infrastructure, and translati
Remote Network Security Architect - Assessment & Design
Cloud Bridge Tech RecruitmentHarrowCloud Bridge Tech Recruitment is seeking a Network Security Engineer with a focus on assessment and architecture. This fully remote role offers up to £600 per day for a 9-month contract, emphasizing t
Senior Network & Security Architect (TS/SCI)
Riverside Research InstituteGreenvilleRiverside Research Institute in Greenville, Texas is seeking a Network & Infrastructure Engineer to be the primary technical authority for network and systems infrastructure activities. The role entai
Senior Network & Security Architect - Zero Trust & ISE
ManpowerGroup Global, Inc.ChandlerManpowerGroup Global, Inc. is searching for a Network / System Engineer III to join their Infrastructure Services Department in the United States. This role involves designing and implementing advance
Senior Network & Security Architect - Zero Trust & ISE
ManpowerGroup Global, Inc.WaterfordManpowerGroup Global, Inc. is searching for a Network / System Engineer III to join their Infrastructure Services Department in the United States. This role involves designing and implementing advance
Senior Network & Security Architect - SD-WAN & Fortinet Expert
Bulletproof Solutions IncWalthamBulletproof Solutions Inc is seeking a highly energetic and collaborative individual for the position of Senior Network Consultant. This role involves architecting secure WAN, LAN, WLAN, and SD-WAN en
Senior Security Solutions Architect, AWS Security & Networking - North America
AmazonAustinSenior Security Solutions Architect, AWS Security & Networking - North America Job ID: 10444166 | Amazon Web Services, Inc.Amazon Web Services (AWS) is looking for a passionate and experienced profess
Senior Security Solutions Architect, AWS Security & Networking - North America
AmazonSan DiegoSenior Security Solutions Architect, AWS Security & Networking - North America Job ID: 10461937 | Amazon Web Services, Inc.Application deadline: Jul 10, 2026AWS Global Sales (AGS) drives adoption of t
Cloud Security Architect: AWS Security Lead
Warner Media, LLCSilver SpringWarner Media, LLC. is seeking a Cloud Security Architect (AWS) with deep expertise in public cloud environments. This role involves designing, securing, and assessing cloud architectures, with a hybri
Lead Security Architect - GCP
Five Rivers ITDoralTerm: 12 MonthsRole Overview We are seeking a Lead Security Architect to serve as the technical authority for our Google Cloud Platform (GCP) ecosystem. This is an architecture role focused on high-le
Lead Firmware Security Architect
Webster & Webster AssociatesUnited StatesDoes the challenge of building a hardware-based root of trust for mission-critical systems excite you? We are looking for a Lead Firmware Security Architect to join an innovative technology firm speci
Lead Application Security Architect
ArriveLondonRole Summary The Application Security Architect is a senior, influential role responsible for orchestrating and leading Arrive’s global application security strategy. As a core member of the Global Se
Lead Product Security Architect - Cloud & OT Security
Dormont Manufacturing CompanyPlanoDormont Manufacturing Co in Plano, Texas is seeking a Technical Leader of Product Security Architecture to enhance security across all products. You will collaborate with various teams and provide str
Lead Information Security Architect
Fannie MaeRestonPlaying an essential role in the U.S. economy, FannieMae is foundational to housing finance. Here, your expertise can help fuel purpose‑driven innovation that expands access to homeownership and affor
Lead Application Security Architect
EasyParkLondonRole SummaryThe Application Security Architect is a senior, influential role responsible for orchestrating and leading Arrive’s global application security strategy. As a core member of the Global Sec
Lead Cyber Security Architect
McKessonUnited StatesMcKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible
Data & AI Security Architect Lead
Dormont Manufacturing CompanyArlingtonMastercard is seeking a Lead Data & AI Security Engineer for its Arlington, Texas location. This role involves serving as the primary security advocate for Data Commercialization and AI initiatives, e
Lead Network & Security Architect
- Richardson, Texas, United States
- Richardson, Texas, United States
À propos
The successful candidate will be responsible for implementing and maintaining a completely isolated, air-gapped network environment that operates independently of standard corporate IT networks. You will manage complex secure access paths, isolated VLAN provisioning, private full-mesh SD-WAN overlays, and a multi-tiered global data package replication and distribution system. You will also serve as the key enablement architect, helping project teams quickly spin up new project-specific instantiations of the RDL network model while adhering to strict security constraints.
Core Responsibilities
Deploy Reference Architecture: Standardize and implement the RDL reference design across all global HPS design locations (San Jose, Richardson, Thailand, Shanghai, SongShan Lake, Penang, Chennai and future locations).
Support New Instantiations: Act as the primary technical design authority to spin up new RDL network instances (allocating subnets, configuring dedicated VLANs, establishing local jump hosts, and defining user authentication parameters) for upcoming HPS design projects.
Strict Constraint Enforcement: Maintain absolute isolation of the RDL environments. Ensure zero direct or indirect public internet connectivity and guarantee that out-of-scope systems or agents (e.g., CrowdStrike, Threat Locker, Big Fix, ServiceNow Agents, ClearPass NAC, and Windows Domain joins) are strictly excluded from the lab network.
2. Network Infrastructure & Security
SD-WAN & Routing: Design, configure, and maintain the private, full-mesh SD-WAN overlay connecting global RDL sites.
Secure Firewalling: Configure and administer enterprise-grade firewalls (Checkpoint 3980) protecting the perimeter of each localized lab, defining strict ingress/egress filtering rules.
Switching & Segmentation: Manage core and access layer switches (Cisco Catalyst 9400/9200 series, Celestica DS2000, ES1500 switches) to segment the RDL into logical, multi-tenant VLAN environments—specifically separating Export Controlled and Non-Export Controlled network zones.
3. Identity and Remote Access Management
Remote Customer Access: Oversee the implementation and administration of CyberArk vPAM (Virtual Privileged Access Management) for remote customer connections.
Corporate Remote Access: Configure and maintain Zscaler ZTNA (Zero Trust Network Access) and App Connectors to terminate connections securely on Linux-based local jump hosts.
Decentralized Authentication: Design and maintain a secure user management protocol on jump hosts and local RDL nodes. As the RDL operates without Windows Active Directory, you will define standard operating procedures for the manual/programmatic creation of local system accounts and localized role-based access control (RBAC).
Repository Architecture: Maintain the multi-tier secure data distribution system:
IT Repository Server: Internet-facing ingestion nodes (running on Hyper‑V/Dell PowerEdge) to securely pull packages, drivers, and applications.
Global Repository Server: The middle‑layer relay that acts as a secure, scanned transit point between the corporate IT network and the isolated RDL network.
RDL Local Repository Server: Localized instances inside the labs that pull from the Global Repo and host files locally over HTTP/HTTPS at /var/www/html/repo/.
Workflow Automation: Ensure seamless, secure, programmatically validated transfer of "transfer bundles" containing operating system packages (Rocky, Ubuntu, CentOS, etc.) across the air gap.
Security Scans & Compliance: Coordinate with corporate IT and security teams to execute periodic vulnerability scanning and patching of repository servers, ensuring all packages undergo integrity checks before reaching the inner RDL networks.
Required Technical Skills
Hardware & OS Competencies: Hands‑on experience with Checkpoint Firewalls (Checkpoint 3980 preferred), Cisco Catalyst 9400/9200 switches, and SilverPeak SD‑WAN solutions.
Security & Identity Tools: Expert‑level understanding of CyberArk (PVWM/vPAM) and Zscaler ZTNA/Zscaler App Connectors.
Virtualization & Systems: Solid administration experience in VMware vSphere Enterprise and/or Microsoft Hyper‑V running on bare‑metal systems (e.g., Dell PowerEdge R670).
Linux Administration: Strong proficiency with Linux environments (Rocky Linux, Ubuntu, CentOS) for jump host configuration and secure HTTP/HTTPS local web repository servers (Nginx/Apache).
Network Segmentation & Protocols: Expert in VLAN tagging, inter‑VLAN routing, subnetting, IP address management (IPAM), and secure file transfer protocols.
Automated Data Pipelines: Familiarity with script‑based file synchronization and automated extraction/integrity validation mechanisms (e.g., hashing, checksums) for software deployment across isolated boundaries.
Strongly Preferred Certifications
Checkpoint Certified Security Expert (CCSE) or Master (CCSM)
Cisco Certified Network Professional (CCNP) - Enterprise or Security
CyberArk Certified Defender or Sentry
Certified Information Systems Security Professional (CISSP)
Soft Skills & Working Style
Detailed Documentation: Proven track record of generating flawless High‑Level Designs (HLD) and Low‑Level Designs (LLD), block diagrams, and standard operating procedures (SOPs).
Strategic Problem Solver: Comfortable working around strict operational boundaries where typical modern agents and automated tools are banned for security compliance.
Cross‑functional Partner: Ability to collaborate closely with HPS Design Engineers, Project Managers, Corporate IT Security, and external Customers.
Financial Stewardship: Ability to work closely with procurement to specify, justify, and size bill of materials (BOM) for both upgrading existing sites and provisioning new infrastructure.
Physical Demands
Duties of this position are performed in a normal office environment.
Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.
Typical Education and Experience Bachelor’s degree in Network Engineering, Computer Science, Cybersecurity, or a related technical field.
Minimum of 8+ years of experience in network architecture, with a heavy emphasis on securing air‑gapped or highly isolated enterprise environments.
Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
Celestica is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.
Celestica is an E-Verify employer.
#J-18808-Ljbffr
Compétences linguistiques
- English
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.