Network Security Architect

Company: Genesis10
Location: Saint Petersburg
Posted on: April 5, 2025

Job Description:

Genesis10 is currently seeking a Network Security Architect with our client in the Financial Services industry located in St. Petersburg, FL. Preference is for someone who can work on a "Hybrid" schedule with the ability to work onsite 2 to 3 days per week, however fully remote candidates may be considered if a great fit for the position. This is a for this 6+ month job opportunity.

All potential applicants are encouraged to scroll through and read the complete job description before applying.

Description:
Responsible for creating new network and network security architecture documents and designing complex network solutions that meet the organization's requirements for performance, automation, resiliency, scalability, security, and compliance. Work closely with the Lead Architect, Lead Engineers, and other IT teams, such as infrastructure, security, and applications, to ensure that the network is designed to meet the organization's needs.

Responsibilities:
Design, improve and innovate: Utilizes standard architecture templates architectural blueprints to engineer design network and network security solutions and strictly adheres to enterprise standards (engineering focused, architecture supported).
Designs comprehensive secure network solutions by carefully selecting hardware and software components, ensuring optimal alignment with project requirements and objectives.
Assists the Lead Architecture Manager in overseeing and coordinating the activities of the Network Architect Team, ensuring seamless collaboration and alignment with organizational objectives.
Research and recommend innovative technologies and approaches for network and network security management, upgrades, or improvements.
Performs complex technology and system assessments, collect business and technical requirements, and employing advanced methodologies to assess the efficiency and effectiveness of existing systems.
Provides expert technical guidance and supervision advice to architecture and engineering teams daily, fostering a culture of excellence and driving successful project outcomes.
Creates detailed network and network security documentation, including network diagrams, configurations, and standard operating procedures, to and provide clear guidelines and seamless handover to the network engineering team.
Incorporating network and network information security principles and practices into network architecture, ensuring the implementation of effective security measures controls, such as firewalls, intrusion detection systems, and encryption protocols, to safeguard the network against cyber threats.
Continuously learning and keeping up with evolving network technologies, industry standards, and best practices to ensure the network architecture remains current, scalable, and aligned with business goals.
Assessing network capacity requirements based on current and projected usage patterns and planning for scalability to accommodate future growth and changing business needs.
Ensuring proper change management processes are followed for network modifications and upgrades, including assessing the impact of changes, coordinating with stakeholders, and overseeing the implementation of changes to ensure minimal disruption to network operations.


Monitor, document, and offer proactive support: When needed, provide ad-hoc support to network engineering and operations.
Use approved architecture templates to produce and maintain documentation with regards to design and architecture principles that will aid engineers in building, configuring, and testing of new systems or system changes.
Maintain service level agreements of SNS metrics, key performance indicators and adhere to strict project timelines.
Maintain/Improve security posture, promptly addressing design issues, vulnerabilities, and security requirements according to regulatory guidelines (PCIDSS, PII, CIS, NIST)


Lead, collaborate and coach: Work collaboratively across a variety of business units to introduce and design new technologies.
Coordinate and take lead of assigned projects in all technical and communication aspects.
Work with architecture and engineering peers towards achieving common goals in assigned projects.
Perform knowledge transfer and cross training activities.
Provide technical leadership as an SME or as part of an Information Technology (IT) project.


Requirements: Experience with architecture and design principles.
Experience in network and network security architecture, design, and documentation of medium-large scale enterprise networks (10,000+ users)
Experience with Cisco and Arista enterprise technologies, such as:

Layer 2 LAN technologies (STP, VLANs, VTP, LACP)
High availability technologies (VPC, SVL, HSRP, VRRP, MLAG)
Routing protocols concepts (BGP, EIGRP, OSPF, MPBGP, VXLAN)

Experience in design and documentation of data center spine and leaf fabric (Arista/Cisco).
Experience with SDWAN technologies (Cisco, Palo Alto ION)
Experience with Secure Access Service Edge (SASE) technologies (Palo Alto Prisma Access)
Experience with Cisco wireless technologies in a large enterprise environment (Cisco WLC, FlexConnect, CAPWAP)
Experience with network security protocols, intrusion detection and prevention systems, secure socket layer (SSL) protocols, and virtual private networks (VPNs),
Experience with Network performance optimization, capacity planning and load balancing.
Ability to identify and understand issues, problems, and opportunities to compare data from different sources to draw conclusions.


Desired Skills: Experience with designing Palo Alto Centrally managed firewall platforms (NGFW Pan OS, Threat Prevention, UserID, Global Protect, and HA setup)
Experience with designing F5 Clusters, Load balancing, SSL decryption policies, DNS Geolocation (LTM, GTM, APM, ASM/Cloud WAF).
Experience with remote access VPN solutions (Global Protect, F5 BIG-IP Edge)
Experience with designing Network Access Control (NAC) solutions (Forescout/Cisco ISE)
Experience in designing secure and scalable network solutions for Cloud environments.
Familiarity with Certificate management (Venafi), Cryptographic protocols and algorithms, certificate PKI.
Familiarity with Infoblox DNS/IPAM functions.
Familiarity with Cloud computing principles.
Familiarity with Automation/scripting experience (Python, Ansible)
Familiarity with Network performance optimization, capacity planning and load balancing.
Familiarity with the following monitoring platforms: Microsoft SevOne, SolarWinds, DataDog, Splunk)
Familiarity with Information Security concepts, practices, and procedures, encompassing all aspects of safeguarding information assets.
Familiarity with Information Security programs including, but not limited to, audit reviews, risk assessment, awareness and training, identity and access management, data protections, secure SDLC, incident management, disaster recovery procedures, vulnerability assessment, penetration testing, third-party assessment, secure configurations, and patch management.
Network security protocols, architecture, and design principles; intrusion detection, prevention systems, secure socket layer (SSL) protocols, virtual private networks (VPNs).
In-depth understanding of network protocols such as TCP/IP, DNS, DHCP, SNMP, BGP, OSPF, EIGRP, MPLS, SD-WAN and VLANs, along with their implementation and troubleshooting.
Network performance optimization, capacity planning and load balancing.
Familiarity with Cryptographic protocols and algorithms.
Familiarity with cloud computing principles and experience in designing secure and scalable network solutions for cloud environments.
Familiarity with Government regulations, compliance and requirements related to Information Security (e.g., GLBA, GDPR, SOXA 404, FFIEC, PCI, Privacy, HIPAA, etc.).
Familiarity with Emerging technologies, such as 5G, software-defined networking (SDN), and network functions virtualization (NFV).


Educational/Previous Experience Requirements: Bachelor's degree in computer science, information technology or a related field.
10+ years of relevant experience in Network or Information Security, or an equivalent combination of education, training and experience.
Financial services experience highly preferred.


Licenses/Certifications Cisco Certified Internetwork Expert (CCIE) is Preferred
Arista Certified Engineer (ACE) L3 certification is required.
AWS Certified Cloud Practitioner, Google Professional Cloud Architect, Azure Solutions Architect Expert (One or more Required)
Certified Pega System Architect Certification, TOGAF (Preferred)
ITIL v3 Master Certification (Preferred)
Cisco Certified Network Professional (CCNP), Arista Certified Engineer ACE:L3 or higher, Palo Alto Networks Certified Network Security Engineer (PCNSE) (One or more required)
Security and control certifications (CISSP, CISM, CISA, CRISC) (Preferred)
GIAC/SANS Certificates (Sec504/Sec560) (Preferred)


Compensation: W2 hourly rate range from $95 to $110. Rates can vary depending on your experience, years, and type of experience.

W2 Status:
Only candidates available and ready to work directly as Genesis10 employees will
be considered for this position.

If you have the qualifications described and are interested in this exciting opportunity, please apply!

Genesis10 - Contract & Perm/Direct Hire
Ranked a Top Staffing Firm in the U.S. by Staffing Industry Analysts for six consecutive years, Genesis10 puts thousands of consultants and employees to work across the United States every year in contract, contract-for-hire, and permanent placement roles. With more than 300 active clients, Genesis10 provides access to many of the Fortune 100 firms and a variety of mid-market organizations across the full spectrum of industry verticals.

For contract roles, Genesis10 offers the benefits listed below. If this is a perm-placement opportunity, our recruiter can talk to you through the unique benefits offered for that particular client. Benefits of Working with Genesis10:
Access to hundreds of clients, most who have been working with Genesis10 for 5-20+ years.
The opportunity to have a career-home in Genesis10; many of our consultants have been working exclusively with Genesis10 for years.
Access to an experienced, caring recruiting team (more than 7 years of experience, on average.)
Behavioral Health Platform
Medical, Dental, Vision
Health Savings Account
Voluntary Hospital Indemnity (Critical Illness & Accident)
Voluntary Term Life Insurance
401K
Sick Pay (for applicable states/municipalities)
Commuter Benefits (Dallas, NYC, SF)
Remote opportunities available


For multiple years running, Genesis10 has been recognized as a Top Staffing Firm in the U.S., as a Best Company for Work-Life Balance, as a Best Company for Career Growth, for Diversity, and for Leadership, amongst others. To learn more and to view all our available career opportunities, please visit us at our website.

Genesis10 is an Equal Opportunity Employer. Candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#DIG10-DA

Keywords: Genesis10, Orlando , Network Security Architect, IT / Software / Systems , Saint Petersburg, Florida