About The Position
As a Network Security Architect, you will be the visionary and lead designer for our secure network infrastructure. You will design, build, and oversee the implementation of security systems that protect our nationwide ISP backbone, data centers, and customer-facing services. This role requires a deep understanding of BGP security, DDoS mitigation at scale, and the integration of security into high-throughput transport networks.
Requirements
- 8+ years in network engineering with at least 4 years focused specifically on security architecture in a Service Provider or large Enterprise environment.
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or equivalent experience.
- Highly preferred: CCIE Security, JNCIE-SEC, CISSP-ISSAP, or GSEC.
- Ability to translate complex security risks into business terms for executive leadership.
Responsibilities
- Develop and maintain the security blueprint for the ISP core, edge, and access networks.
- Design and optimize multi-layered DDoS protection strategies using scrubbing centers, flow-based monitoring (NetFlow/SFlow), and RTBH (Remote Triggered Black Hole) filtering.
- Hardening of critical network elements (routers, switches, OLTs) and implementing robust AAA (Authentication, Authorization, and Accounting) frameworks.
- Lead the implementation of RPKI (Resource Public Key Infrastructure), BGPsec, and peering security best practices to prevent route hijacking.
- Drive "Security as Code" by using Python, Ansible, or Terraform to automate security policy deployments across thousands of nodes.
- Ensure the network meets industry standards such as NIST, ISO 27001, and regulatory requirements (e.g., CALEA, GDPR).
- Act as a Tier 4 subject matter expert during major security breaches or sophisticated network attacks.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
