Network Security Architect Remote Full time, Remote United Kingdom The Network Security Architect is a global network security position that must work independently and within the team. They will administer, test, implement, troubleshoot, and advise on Security Infrastructure architectures to include all Network Security related systems and their components. This role includes the responsibility for implementing appropriate IT security procedures. They will design, build, and oversee the implementation of secure IT network infrastructures to protect an organization's information assets from cyber threats. They assess security risks, identify vulnerabilities, and develop comprehensive strategies using a combination of hardware and software solutions. Key responsibilities include anticipating threats, implementing security protocols like firewalls and VPNs, responding to security incidents, and ensuring the network meets organizational needs while adhering to security standards. In this role, this candidate will independently research and resolve moderately to highly complex technical problems. They will document standards, implementation procedures, and troubleshooting processes. In this role, the candidate will also be required to provide security services and expertise on internal technology projects. As a Network Security Architect, you will • Design and architect end-to-end secure network solutions, including site-to-site VPNs, zero trust models, and segmentation strategies • Architect and secure cloud-based networks, including virtual firewalls, security groups, VPC peering, and hybrid connectivity • Design secure, scalable network architectures—including campus, data center, and hybrid cloud topologies—leveraging Cisco SD WAN, Firewall, ISE, and Cloud technologies • Lead end to end deployments: planning, staging, migration, and cutover for multi site environments • Perform analysis of all threat/vulnerability sources, assessing any impacts to infrastructure and systems and providing an assessment, recommendations and potential actions correlative to the security threat posture and matures the current vulnerability and scanning/assessment capabilities • Act as technical mentor for network engineers—conducting design reviews, configuration walkthroughs, and knowledge sharing sessions • Provide high quality customer service by listening and understanding the needs of the stake holders • Identify and communicate threats and vulnerabilities that could impact business operations • Assist with communication, implementation, and analysis of compliance to security policies, standards, and procedures • Analyze metrics and report trends and opportunities for improvement About you • You have extensive network and Information Security related technology experience • Extensive experience in the architecture/design, development, and implementation of large-scale Wide Area Network (WAN) architectures with a strong focus on network, firewall, Routing and Cloud • Extensive knowledge and experience with network. (e.g., Routing and Switching, WAN, Packet Analysis, Firewall, Capacity Planning, IT Tools, and other relevant technologies • Design/Implement/Troubleshoot Fortinet, ASA, FTD (Firepower Threat Defense/IDS/IPS) • Design/Implement/Troubleshoot VPN Technologies including but not limited to Cisco IPSEC and AnyConnect (NAM/Posture), • • Experience with NAC/ISE integration with wired, wireless, VPN as well as posture • Strong background and ability to monitor network security by analyzing Intrusion Detections reports, firewall logs and other application sources • Strong understanding of network security architectures, solutions, processes, frameworks, and components • Extensive experience with Cloud solutions such as AWS, Azure • Thorough knowledge and experience with Network security standards (Network architecture analysis, Network Administration, Load balancer and Firewall Engineering) • Experience with network and performance management tools, security tools and appliances, layer 2 technologies, wireless technologies • Experience and understanding of network design and troubleshooting specificity as it applies to interoperability of security systems with the network BCD Travel Services B.V.