Senior Network Architect & Administrator

About The Position

Requirements

• 8+ years of experience in enterprise network engineering, architecture, or administration.
• Expert-level knowledge of routing, switching, firewalls, VPNs, SD-WAN, and network segmentation.
• Hands-on experience with NGFW platforms (Palo Alto, Fortinet, Check Point, Cisco Firepower).
• Strong understanding of cloud networking (AWS, Azure, GCP) and hybrid connectivity.
• Experience supporting trading systems or financial-sector connectivity.
• Familiarity with regulatory frameworks (FFIEC, SEC, FINRA, SOX).
• Strong leadership and architectural decision-making abilities.
• Excellent communication skills, including documentation and executive-level reporting.
• Ability to collaborate across IT, security, compliance, and business teams.
• High attention to detail and a proactive mindset toward reliability and security.

Nice To Haves

• Certifications such as CCNP/CCIE, PCNSE, NSE7+, JNCIP/JNCIE, or equivalent.
• Experience with Zero Trust, SASE, CASB, and modern remote access technologies.
• Proficiency in automation and scripting (Python, PowerShell, Ansible).
• Experience designing network architectures for high-availability, low-latency environments.

Responsibilities

• Architect and maintain a multi‑tier, highly available enterprise network supporting trading, clearing, research, and client‑facing platforms.
• Design and enforce advanced network segmentation for users, servers, trading systems, cloud workloads, and privileged administrative zones.
• Lead the development of a Zero Trust Network Architecture (ZTNA), including micro‑segmentation, identity‑aware routing, and continuous verification.
• Engineer secure, redundant partner connections (DTCC, BNYM, Bloomberg, MarketAxess, ArrowStreet) using dedicated circuits, VPNs, private connectivity, and strict ACLs.
• Integrate cloud networking (AWS, Azure, GCP) with secure routing, private endpoints, and unified policy enforcement across hybrid environments.
• Architect and administer next‑generation firewalls (NGFW) with IPS, TLS inspection, sandboxing, and threat intelligence integrations.
• Deploy and maintain Web Application Firewalls (WAF) and API gateways supporting trading platforms and client portals.
• Strengthen cloud security posture using CSPM, CNAPP, and cloud‑native controls (Security Groups, NACLs, PrivateLink, IAM boundaries).
• Implement secure remote access solutions using ZTNA, MFA, device posture checks, and continuous session monitoring.
• Standardize encryption protocols (TLS 1.2/1.3, IPsec, MACsec) across internal, external, and partner connections.
• Build and maintain a unified network monitoring and logging architecture across firewalls, routers, switches, cloud networks, and partner circuits.
• Collaborate with security teams to integrate network telemetry into SIEM platforms (Splunk, Sentinel, QRadar, Elastic).
• Develop detection logic for anomalous trading activity, insider threats, credential abuse, and partner circuit deviations.
• Participate in threat‑hunting activities and support automated response workflows through SOAR integrations.
• Integrate network infrastructure with centralized IAM platforms (Azure AD/Entra, Okta, Ping) for SSO, MFA, and conditional access.
• Implement and maintain Privileged Access Management (PAM) for network administrators and service accounts.
• Define and enforce RBAC and least‑privilege models across network, cloud, and application layers.
• Ensure IAM and network logs feed into SIEM for real‑time detection of credential misuse.
• Develop and maintain network security standards and policies for segmentation, encryption, firewall rules, cloud access, and partner circuits.
• Conduct risk assessments for all P2P and financial partner connections.
• Define onboarding/offboarding processes for new business partners, including security validation and continuous monitoring.
• Ensure compliance with FFIEC, SEC, FINRA, SOX, and internal audit requirements.
• Create and maintain runbooks and playbooks for network incidents, partner link outages, and trading system disruptions.

Benefits

• medical, dental, vision, disability and life insurances
• Paid Holidays
• Paid vacation, sick and personal days
• retirement plan