Data Center Network Security Architect (Information Systems Analyst III, Option N)

About The Position

Requirements

• Requires knowledge, skill and mental development equivalent to four (4) years of college with course work in information technology, computer networking, computer engineering, computer science or directly related fields.
• Requires five (5) years of professional experience in Information Technology networking or directly related Information Technology field.
• Requires five (5) years of professional experience in data center network security architecture and design, including developing enterprise-level security network designs, implementing segmentation strategies, and enhancing compliance with security standards across on-premises and cloud environments, designing and supporting secure application load-balancing solutions, planning secure upgrade paths, and evaluating vendor technologies for enterprise deployment.
• Requires five (5) years of professional experience in enterprise firewall administration (Cisco/Palo Alto), including advanced configuration, policy-based controls, custom address translation, troubleshooting to secure multi-data center environments, responding to security advisories and vulnerabilities, leading mitigation planning and deployment, collaborating with vendors to resolve critical security issues, and enforcing least-privilege and policy hardening practices.
• Requires five (5) years of professional experience implementing and managing Layer 7 firewall policies, including micro-segmentation techniques to achieve compliance with regulatory frameworks including SOC 2, SOX, ISO, FedRAMP, and CJIS; implementing custom traffic management techniques including URL rewriting and port redirection, multi-data-center traffic distribution, and conducting root cause analysis (RCA) for security incidents and service disruptions.
• Requires five (5) years of professional experience with OSI Model Layers 1 through 7, including integration of network diagnostic tools, packet analyzers, and administration of enterprise security systems to perform complex network troubleshooting and vulnerability analysis, monitoring enterprise security infrastructure, managing service queues, ensuring SLA adherence, escalating time-sensitive incidents, and serving as a senior technical escalation and guidance resource for operational teams.

Nice To Haves

• Requires five (5) years of professional experience in data center network security architecture and design, including developing enterprise-level security network designs, implementing segmentation strategies, and enhancing compliance with security standards across on-premises and cloud environments, designing and supporting secure application load-balancing solutions, planning secure upgrade paths, and evaluating vendor technologies for enterprise deployment.
• Requires five (5) years of professional experience in enterprise firewall administration (Cisco/Palo Alto), including advanced configuration, policy-based controls, custom address translation, troubleshooting to secure multi-data center environments, responding to security advisories and vulnerabilities, leading mitigation planning and deployment, collaborating with vendors to resolve critical security issues, and enforcing least-privilege and policy hardening practices.
• Requires five (5) years of professional experience implementing and managing Layer 7 firewall policies, including micro-segmentation techniques to achieve compliance with regulatory frameworks including SOC 2, SOX, ISO, FedRAMP, and CJIS; implementing custom traffic management techniques including URL rewriting and port redirection, multi-data-center traffic distribution, and conducting root cause analysis (RCA) for security incidents and service disruptions.
• Requires five (5) years of professional experience with OSI Model Layers 1 through 7, including integration of network diagnostic tools, packet analyzers, and administration of enterprise security systems to perform complex network troubleshooting and vulnerability analysis, monitoring enterprise security infrastructure, managing service queues, ensuring SLA adherence, escalating time-sensitive incidents, and serving as a senior technical escalation and guidance resource for operational teams.
• Five (5) years of experience with data center and cloud security architecture, including capacity planning, secure application load balancing, and implementation of content filtering solutions to protect enterprise systems.
• Five (5) years of experience with intrusion detection and prevention systems (IDS/IPS), Domain Name Services (DNS) administration, DNS security (DNSSEC), and application load balancing to ensure secure and efficient traffic flow across enterprise environments.
• Three (3) years of professional experience in project coordination, including multitasking across complex security initiatives and strategic planning for data center network security implementations.
• Ability to analyze data logically and exercise sound judgement in defining and evaluating problems of an operational or procedural nature. Developed verbal and written communication skills to present technical information clearly and precisely to diverse audiences, including business users, development teams, and agency executives.
• Certifications in one or more of the following: Cisco Certified Network Professional (CCNP) Security, Cisco Certified Internetwork Expert (CCIE) Security, CompTIA Security, Certified Information Security Manager (CISM), Routing and Switching, Palo Alto Networks Certified Network Security Engineer (CCSE), or similar relevant certification(s) in Information Security

Responsibilities

• Serves as the Data Center Network Security Architect for the Department of Innovation & Technology (DoIT) performing highly complex professional, advisory, and technical functions for enterprise network infrastructure and security implementations, including serving as a technical expert in enterprise data center security architecture design and specifications, ensuring secure connectivity across on-premises and cloud environments.
• Collaborates with customers under high-pressure conditions to troubleshoot complex network security systems, end-user communication problems, suspected intrusions, and hardware/security software failures using network monitoring systems and traffic analyzers.
• Serves as technical project leader and analyst for strategic data center security planning, design, development, modification, and deployment of complex network security solutions across on-premise data centers, cloud services, and application load-balancing environments.
• Keeps abreast of new developments in the information technology security field by continuing education through online training platforms, meetings, training sessions, seminars, and conferences to increase familiarity with and remain current on products, vendors, techniques, and procedures.
• Performs other duties as required or assigned which are reasonably within the scope of duties enumerated above.

Benefits

• Competitive Group Insurance benefits, including health, life, dental and vision plans.
• Flexible work schedules (when available and dependent upon position).
• 10 -25 days of paid vacation time annually (10 days for first year of state employment).
• 12 days of paid sick-time annually which carry over year to year.
• 3 paid personal business days per year.
• 13-14 paid holidays per year dependent on election years.
• 12 weeks of paid parental leave.
• Pension plan through the State Employees Retirement System.
• Deferred Compensation Program – voluntary supplemental retirement plan.
• Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP).
• Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility.