الوصف الوظيفي
Overview As a member of global network architecture and engineering organization, the senior network security architect will lead global initiatives to design next generation security infrastructure and create simple solutions to complex network problems as part of the PepsiCo Strategy and Transformation. The architect will serve as a subject matter expert focused on network and wireless security domain to provide thought leadership and technical oversight and ensure that network and wireless solutions meet PepsiCo requirements. The senior network security architect will work closely with the sector delivery leads, enterprise architects, infrastructure engineers, and SMEs. The candidate should demonstrate deep technical expertise and excellent leadership experience across key infrastructure domains including Network, Security, and Cloud. Responsibilities Build an architecture community for the network security domain to define enterprise technology standards and ensure successful delivery of global network services across the enterprise. The architect will drive standardization and simplification across the existing environments and develop roadmaps for future to reduce total cost of ownership (TCO) for the network domain. Lead the architecture vision and design issues as well as influence peers, cross-functional teams, and IT leadership. Oversee the deployment and configuration of network hardware and software components and ensure that the implementation adheres to industry best practices and security standards. Provide guidance and recommendations to the enterprise architecture teams on standards and designs. Analyze current and future network capacity needs to ensure scalability, performance, and optimal resource utilization, and make informed decisions for hardware refreshes, software upgrades, and other capacity related aspects to accommodate increasing demands. Effectively present solutions and recommendations in verbal and written form. Produce high-level architecture diagrams and low-level engineering design documents. Qualifications In depth knowledge and experience of below network and wireless security technologies is required. Firewall: Palo Alto Networks, Cisco ASA VPN: Palo Alto Networks, Cisco Routers Proxy: Bluecoat, Broadcom Zscaler: ZPA, ZIA Threat detection and prevention: DDoS, WAF, URL Filtering Access Control: NAC, ClearPass, Cisco ISE Authentication: SAML, OKTA, RADIUS, TACACS Wi-Fi: 802.11 and EAP-PEAP, EAP-TLS, WPA3 Routing and Switching: BGP, MPLS Cloud platforms: Azure, AWS, GCP Demonstrated experience serving as a network security architect in a large firm with emphasis on modern software driven networks. Comprehensive understanding of LAN and WAN topologies, Data Center and Cloud environments, voice, video, and collaboration platforms, and end-user device technologies. Must have experience guiding multiple projects, leading vendor selections and negotiations, and a strong understanding of various vendor technologies. Proven ability in leading large scale infrastructure refreshes, consolidating and modernizing technology footprints, cloud integration and migration, and network capacity optimization. Experience working in a global environment with stakeholders across multiple geographies. Must have excellent verbal and written communication skills with a proven track record of translating strategies into plans that can be effectively executed. Bachelor’s degree in computer science or related discipline; 15+ years in the Information Technology field with 8+ plus years as a Network Security Architect. Differentiating Competencies Assist in developing the business cases and RFP for architectural solutions. Lead technical discussions, driving clarity of complex issues and requirements to build robust solutions. Effectively highlight IT technological advantages and disadvantages from the customer’s perspective. Identify technical win-win strategies from a business and technology perspective. Position the appropriate IT services for customers to consider when deploying a technology solution. Vendor certifications such CCIE (Security), PCNSE, ZDTE, BCCPP.