Sitec are currently looking to recruit a Network Architect for a nuclear MoD establishment in Reading. The post is for an estimated 6 month contract initially and is paying competitively on an hourly basis.
Our client are in the process of modernising its Business Network Environments. This work involves replacing several legacy IT environments and the introduction of new technical capabilities moving us away from the traditional on-premise architecture to a more connected world focusing on cloud-based services and mobility in the lower security domain and delivering high-security equivalents in the Above Official workspace.
The initial phase of this programme introduced several key business cloud services such as Microsoft Office 365, Workday and Saba. The next phase, now underway, is to migrate our Line of Business applications from a legacy, on-premise environment over to a Public Cloud environment, Microsoft Azure being our preferred option.
Also we are in the planning phase, deciding priorities and aligning workstreams to maximise business benefits with speed of delivery for these new capabilities.
The network element of this work is key to the success of this programme and will require a holistic network approach that covers all working environments and will encompass the introduction of novel network architectures, updating, replacing and building new network services where necessary
The person selected will act as Network Technical Design Authority (TDA) covering all aspects of network design. The selection and configuration of network security enforcing devices such as firewalls, gateways and high-grade encryption devices being of particular importance.
The Network Architect will provide technical input to multiple projects within the IS Modernisation Programme and help define and drive our future Networks Strategy.
Whilst a deeply technical role, this position will also include stakeholder meetings with both internal and external service providers in which solutions are discussed. The scope of their responsibilities will also include the supervision of the initial setup and deployment of new services and then the transition to live services with members of the Operations IS Team.
The Network Architect will:
o Report to the IS Modernisation Programme Architect
o Liaise extensively with other project architects within the Modernisation Programme.
o Liaise with the IT/Infrastructure operations team
o Liaise with the Application Support team
o Liaise with external vendor support teams.
* Liaise with internal stakeholders providing support and guidance for new projects.
Main Roles & responsibilities
* Determines network security requirements by evaluating business strategies and requirements,
* Plan security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls intrusion detection methodologies and related security and network devices adhering to industry standards.
* Ensures a highly-available network environment by designing and directing optimal equipment configurations, along with defining, documenting and enforcing system standards.
* Bachelor's degree in Computer Engineering, Computer Science or a related subject.
* Proven, hands-on network engineering experience within a high security environment.
* Experience with configuration and implementation of infrastructure and network security solutions including:
* Design of secure multi-site application replication and failover solutions
* Experience of designing and implementation of secure virtualized environments, both single and multi-tenant
* Strong understanding of IP network design, both switching and routing
* Experience of recommended Campus LAN and Data Centre Network Architectures
* Understanding of Layer 2/3 availability within Data Centres and across Data Centres.
* Understanding of Server/Storage network requirements (jumbo frames for iSCSI).
* Experience in secure DMZ design.
* Extensive experience around perimeter security design (logical/physical segregation, firewall policy, intrusion detection and prevention, SIEM)
* Extensive experience with implementing high grade security encryption technologies.
* Experience in at least two or more of the following firewall vendor technologies or skills:
* Cisco ASA
* Palo Alto
* Demonstrable mastery of networking standards and protocols (e.g., IPSEC, EIGRP, BGP, OSPF, 802.11, QoS, SNMPv3, TCP/IP, DNS, VPNs, reverse proxies, routing, switching etc.)
* Azure Networking (VNETs, Express Route, VPN Gateway, Traffic Manager, NSGs)
* Network Security in an Above SECRET or environment (Encryption Technologies, firewall configuration, IPS/IDS etc.)
* Understanding of workstation connectivity and NCSC security design patterns.
* Hands-on experience with monitoring, network diagnostic and network analytics tools
* Experience leading a technical team, yet with a business-minded approach
* Experience designing for disaster recovery.
Willing and able to obtain and maintain the appropriate level of security clearance necessary for the role
This vacancy is being advertised by Sitec, part of the Sitec Group. The services advertised by Sitec are those of an Employment Business
This vacancy is being advertised by Sitec.