AWS Network Architect
Company: Intelliswift
Location: Pleasanton, CA 94566
Description:
Must Haves:
3+ years of experience in infrastructure automation using CloudFormation, Ansible, PowerShell, or Terraform
3+ years in designing and building all aspects of hybrid cloud network infrastructure design, development, and implementation
3+ years of experience with AWS environment, operations and automation
Experience with security in the cloud: Intrusion, penetration, and vulnerability scanning
AWS certification required; AWS Certified Solutions Architect, CCNP, or CCIE is a plus.
TECHNICAL KNOWLEDGE AND SKILLS:
Deep knowledge of cloud IAM and how to configure least-privilege. Knowledge of cloud networking and how to securely interconnect multiple cloud accounts, on-prem servers, etc.
Experience with IAM, SAML, AWS Control Tower customization, and SSO implementations
Working experience in containerization and orchestration using Docker, Kubernetes, or EKS/ECS.
Proficiency in architecting and deploying security best practices across the AWS technology stack.
A working understanding of AWS sizing and pricing for AWS compute, storage, and database services.
Working experience with AWS security, identity, and compliance resources, and secure architecting. Solid understanding and hands-on experience of AWS services including VPC, ELB, IAM, KMS, EC2, SSM, RDS, S3, AWS Config, CloudTrail, SCP, CloudWatch, CloudFormation, VPC Flow Logs, Security Hub, Firewall Manager, Route 53, API Gateway, Lambda, and others
Experience in the design, development, and implementation of AWS-based infrastructure solutions using AWS APIs, and Python with boto3.
Strong experience with AWS network topology and services (multi-account/VPC environments that are integrated via AWS Transit Gateway, Direct Connects/VPNs connecting to physical locations)
Cloud specific security controls experience, including API security experience
Thorough understanding of networking technologies, including administration of enterprise routers, switches, firewalls, IDS/IPS, and load-balancers (OSI layers 4-7)
Minimum 2 years of experience with on-premise networking products (Cisco ASA, Firepower, Client, and Palo Alto).
Minimum 2 to 4 years of experience designing and implementing cloud network security infrastructure services in AWS, including monitoring, vulnerability management, and data protection.
Expertise with various routing protocols (BGP, OSPF, EIGRP)
Understanding of network security methodologies as a whole, including but not limited to: ACLs, Stateful firewalls, VPNs (tunneling, IPsec, SSL, etc.)
Fluency with common network admin and monitoring tools such as Nagios, OpManager, Wireshark, Nmap, Nessus, NetFlow, sFlow, etc.
Knowledge of Cisco IOS, NX-OS, both Cisco Nexus 1K, 2K, 5K, 7K, 9K and non-Nexus series switches, Cisco routers and other Cisco networking gear.
Solid understanding of data center related technology and colocation environments.
Working knowledge of MPLS network.
Advanced knowledge of Cisco, F5, Palo Alto Firewall, Websense/Forcepoint, Juniper and other vendor equipment and configuration
In-depth knowledge and hands-on experience on Cisco Network Devices automation
Expertise and Hands-on experience with Ansible or Python scripting for Network automation
Deep domain expertise in networking, network security and public/private clouds
Familiarity with SIEM
PREFERRED SKILLS:
Project Management Experience
Experience with Scripting and Automation technologies
Ability to think and operate as a team player
Extremely strong communication skills, both written and verbal
Experience managing network service and similar support providers in a client/vendor relationship
Ability to operate independently or as part of a collaborative effort
Demonstrate strong project leadership and ability to develop strong working relationships with customer technical personnel.
Strong troubleshooting skills and ability to apply them during business impacting incidents.
Capable of mentoring others and leading by example.