Job Description
This role is responsible for defining an architectural vision and architecture for large, complex DMZs, which align with the enterprise architecture strategy, technology, and platform choices for the defined technology. Key responsibilities include describing the DMZ intent/associated operating environment, evaluating system impacts and determining the primary systems/subsystems and their interfaces, assisting with end-to-end solution design where needed, defining nonfunctional requirements/architectural runway to support new epics/features and expand into new opportunities. This role ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions. They also contribute to best practices, standard templates, and the architecture roadmap for defined domains.
Job Description
DMZ Architect
Senior Network Architect to lead the design for DMZ network project designs with focus on enhancing LAB certification using Agentic AI to Validate design and check lab cert gaps.. Provides DMZ/Remote Access/SDWAN/Hosting/B2B/VPN/WEB Surfing Infrastructure Architecture for various LOB and B2B customers across various DMZ Zones including creation of network level HLD and LLD designs and solution delivery.
Assesses design submissions for security compliance against established baselines and shepherds requestors through technical challenges until designs are complete. Acts as a liaison between Global Information Security and engineering/operations teams, serving as an escalation point when required.
A self-starter capable of leading projects and troubleshooting multivendor solutions in lab or POC environments. Manages assigned networking projects, program components, and deployments to deliver services aligned with company objectives. Maintains a strong understanding of network
infrastructure, including IPv4/IPv6, IP routing, DNS, security, HTTP(S), VPN technologies, and network monitoring tools.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Required Skills
• 10 years industry experience with technology domain experience
• Experience integrating solutions with Cloud provider environments such as MS Azure, AWS, Google, IBM
• Must have solid routing, switching, Arista, Cisco Nexus, Firepower/ASA, Fortinet router and DMZ/ISP experience.
• Solid understanding of TCP/IP concepts, SDN, OSPF, BGP, VLAN, IPSEC, ISAKMP, PKI, QOS, Multicast, trunking/port-channeling, VRRP, FHRP protocols, enterprise level MPLS, VDC, flavors of VPC, SDN.
• Ability to utilize DDoS tools like Arbor and Prolexic/Akamai & F5/Silverline for mitigations to include Application layer, TCP state table and Bandwidth DDoS threats.
• Familiar with best practices to install and deploy various Arista & Cisco routing and switching platforms such as ISR, ASR, Catalyst and Nexus.
• Experience with large scale, complex network/DMZ environments and Authentication mechanisms (e.g. Active Directory, Ping federate)
• Experience with scripting languages
• Technology degree or substantial equivalent experience
Desired Skills
• Exposure to EOS and IOS-XR routing
• IPv6 Knowledge/experience to support certification testing of IPv6 capabilities
• Experience with automation and development of automation scripts. Python experience desirable.
• Experience with automation skills/tools such as: Arista CloudVision, Teriform, Ansible, Netconf, YANG
• Experience test tools including Quali Cloud Shell, and Viavi Tera VM
• General experience with security technologies, such as firewalls, intrusion detection, threat mitigation
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.