Sr Network Security Architect

About The Position

Requirements

• 10+ years designing and implementing secure network architectures
• Consultative, customer-facing experience with enterprise clients
• Advanced certifications (CCNP Security, CCNP Enterprise, PCNSE, NSE 4/5, or equivalent)
• Hands-on experience with 3+ vendor platforms (Cisco, Fortinet, Check Point, Palo Alto, Juniper, or Arista)
• Ability to troubleshoot complex multi-vendor network and security issues
• Strong written and verbal communication skills
• Ability to manage multiple priorities and deliver under enterprise SLAs
• Advanced IP networking (routing, switching, VLAN design, QoS)
• Network automation and orchestration (API-driven infrastructure)
• Software-Defined Networking (SDN) concepts and implementation
• Data center and access layer segmentation design
• Disaster recovery and business continuity planning
• Network Access Control (NAC) design and implementation
• Wireless architecture and enterprise deployment
• Next-Generation Firewall (NGFW) architecture, deployment, and tuning
• Intrusion Prevention Systems (IPS/IDS) implementation and tuning
• Endpoint security solutions and threat prevention
• Zero-trust security architecture design and implementation
• DNS security and email security solutions
• Advanced threat protection and behavior analytics
• Cisco: UCS, Nexus switching, ASA/Firepower NGFW, ISE identity management, ACI segmentation, SD-WAN, Umbrella/ESA/WSA
• Check Point: CloudGuard, CCSE/CCSA architecture, multi-gateway environments, security policies
• Palo Alto Networks: Next-Generation Firewall, Cortex XDR, Prisma Cloud, SASE solutions
• Dell/Arista: Enterprise switching, network architecture, fabric design
• Juniper: SRX firewalls, routing architecture, network automation
• HPE: Aruba network access control, ClearPass, enterprise switching
• Identity & Access Control: Cisco ISE, Aruba ClearPass, Forescout, ZScaler, Cyxtera, Okta
• Network Segmentation & Policy: Cisco ACI, VMware NSX, Microsegmentation frameworks
• Data Protection: Symantec, Varonis, Rubrik, Cohesity
• Endpoint Protection: Cisco AMP, Palo Alto Traps, Cylance, CarbonBlack, Sentinel One
• Application Security & DDoS: F5, Imperva, Splunk, Radware
• Advanced Threat Detection: ExtraHop ESA (Enterprise Security Essentials), Fortinet FortiAnalyzer, SentinelOne, CrowdStrike

Nice To Haves

• Check Point CCSE (Certified Check Point Security Expert) or CCSA (Certified Check Point Security Administrator)
• Cisco CCNP Security or CCNP Enterprise
• Palo Alto Networks PCNSE (Palo Alto Networks Certified Network Security Engineer)
• Cloud security certifications (AWS Security, Azure Security Engineer, or equivalent)

Responsibilities

• Implement network and security solutions from providers such as Cisco, Fortinet, Check Point, Palo Alto Networks, Juniper, and Arista
• Design and deploy next-generation firewall (NGFW) architectures, SASE (Secure Access Service Edge), and SD-WAN solutions
• Create comprehensive as-built documentation, network diagrams, and architecture visuals
• Serve as pre-sales technical resource for sales team members and support solution design
• Serve as escalation point for junior engineers and technical troubleshooting teams
• Troubleshoot complex technology issues across multi-vendor environments
• Assess customer environments and make strategic recommendations for security and infrastructure improvements
• Meet with key vendors to stay current on products, technologies, and emerging threat landscapes
• Develop and maintain customer-facing security assessments and compliance documentation
• Mentor and guide technical teams on security best practices and architecture design
• Maintain multiple advanced manufacturer-specific certifications and stay current with industry standards
• Serve each and every customer to ePlus' highest standards

Benefits

• ePlus offers a full range of medical, financial, and/or other benefits (including 401(k) eligibility, employee stock purchase program and various paid time off benefits, such as vacation, sick time, and personal leave), dependent on the position offered.