Network and Security Architect

Position Title : Network and Security Architect

Location : REMOTE

Duration : 6 Months with possibility of extension

Skills : Azure VMware Solution (AVS) exp mandatory

Job Summary

We are seeking an experienced Network and Security Architect to design and implement secure, scalable, and robust network architectures for the migration of on-premise VMware environments to Azure VMware Solution (AVS). This role involves developing end-to-end network designs, ensuring security best practices, and optimizing performance during the transition from on-premise infrastructure to Azure. The ideal candidate should possess strong expertise in networking, security, hybrid cloud environments, and deep knowledge of VMware and Azure technologies.

Key Responsibilities :

Lead the design and implementation of secure network architectures for the migration of on-premise VMware environments to Azure VMware Solution (AVS).

Develop network topology, routing, and firewall policies to ensure smooth integration between on-premise environments and Azure VMware Solution.

Collaborate with cloud architects, infrastructure engineers, and VMware experts to create a seamless network architecture for hybrid cloud setups.

Architect secure interconnectivity between on-premise data centers and Azure using ExpressRoute, VPN, ExpressRoute Global Reach and other networking solutions.

Ensure secure and high-performance network connectivity across Azure regions and on-premise data centers.

Implement Azure NSX-T for network virtualization, micro-segmentation, and enhanced security policies within AVS.

Define and configure network security policies, including access control, traffic filtering, and encryption for data-in-transit and data-at-rest.

Evaluate and implement Zero Trust architectures and security frameworks in both the on-premise and Azure environments.

Design and implement disaster recovery (DR) and high-availability (HA) network solutions to meet business continuity requirements.

Lead efforts in network segmentation and traffic isolation to ensure adherence to security policies and compliance regulations.

Integrate identity management and multi-factor authentication (MFA) across the AVS infrastructure for secure access control.

Conduct network security assessments and penetration testing to identify and remediate potential vulnerabilities.

Provide guidance on security best practices, including encryption, Palo Alto firewalls, IDS / IPS, and network monitoring tools for AVS.

Work closely with security teams to integrate Azure Security Center and other security tools for comprehensive monitoring and incident response.

Define and implement backup, recovery, and audit logging solutions to support the AVS migration.

Stay up-to-date on evolving networking technologies, security best practices, and Azure cloud services.

Required Skills & Qualifications :

Bachelor's degree in Information Technology, Computer Science, or related field. Master's degree is a plus.

10 years of experience in network architecture and security design for large-scale IT infrastructures.

5 years of experience with VMware and cloud environments, including Azure VMware Solution and Azure networking.

Expertise in network architecture, including firewalls, load balancers, routers, switches, and WAN / LAN design.

Deep understanding of Azure networking services, including Azure Virtual Network (VNet), ExpressRoute, VPN, ExpressRoute Global Reach, NSG (Network Security Groups), Azure Firewall, and DDoS Protection.

Hands-on experience with VMware NSX-T for network virtualization and security in hybrid cloud environments.

Strong understanding of security principles, including network segmentation, Palo Alto firewall configurations, intrusion detection / prevention systems (IDS / IPS), and VPN technologies.

Experience implementing Zero Trust security models, encryption standards, and multi-factor authentication (MFA) in cloud and on-premise environments.

Hands-on experience with load balancing technologies such as Azure Load Balancer, VMware NSX, and third-party appliances.

Familiarity with security frameworks such as NIST, ISO 27001, CIS Controls, and GDPR compliance.

Knowledge of network monitoring and security tools, including Azure Monitor, Azure Security Center, Splunk, and IDS / IPS solutions.

Proven experience in disaster recovery (DR) and high availability (HA) strategies for network and security infrastructures.

Strong knowledge of Azure IAM (Identity and Access Management) and role-based access control (RBAC).

Certifications such as CCNA, CCNP, VMware VCP-NV, Azure Solutions Architect, or Azure Security Engineer Associate are highly desirable.

Soft Skills :

Excellent communication and interpersonal skills to interact with both technical and non-technical stakeholders.

Strong problem-solving and critical thinking abilities.

Ability to lead cross-functional teams and mentor junior engineers in network and security practices.

Detail-oriented with a focus on security compliance and risk mitigation.

Proactive mindset with the ability to anticipate and mitigate risks in complex environments.

Preferred Qualifications :

Experience working in hybrid cloud environments, integrating on-premise and cloud-based networks.

Prior experience with large-scale network migrations involving VMware and Azure technologies.

Familiarity with Azure DevOps, CI / CD pipelines, and automation tools for network provisioning and security compliance.

Experience in performance tuning and optimization for cloud networks and security controls.