Beschreibung
Next Ventures are currently executing a search for a Data Centre Network Security Architect
Responsabilities: Act as the programme security architect, offering technical security guidance on the design aspects of the datacenter and network migrations.
- Liaise with client contacts to make technical security decisions to overcome challenges to the programme.
- Provide approval for application migration design decisions including zoning of application components and communications ports to be opened between internal zones and to the Internet.
- Offer technical consultancy as required on the following security scope items of the migration programme:
o Firewall:
§ Manage Firewall Architecture design including the design of the DMZ and network zoning to host in-scope web facing and trusted systems
§ Capture existing application level segregation and zoning requirements and the corresponding Firewall rules for in-scope applications
§ Develop Firewall rule-sets based on Firewall architecture and provide inputs to Firewall providers
o Antivirus (Microsoft):
§ Design of Anti-Virus solution and policies
§ Implementation of dedicated Anti-Virus management configuration on SCCM
§ Cut-over Anti-Virus to live service
§ Provision users on new Anti-Virus Service - Agent & Communications settings update.
o Two Factor Authentication (TFA):
§ Design of MFA solution
§ Implementation of dedicated MFA instance
§ Integrate with Active Directory
§ Cutover MFA instance to live service
§ Provision users on new MFA instance
o Load balancers:
§ Citrix NetScaler configuration
o Web Proxy Services for NAL
§ Implement new Zscaler cloud Proxy service for NAL
o Messagelabs Email Filtering Services
§ Implement new Messagelabs Email Filtering service for NAL
o ECM (Enterprise Certificate Management)
§ Provision server for use as a certification authority for internal use (1 per region)
§ Configuration & Testing of certification authority server
§ Configuration & Testing of NAL Certificates
§ Create new process to manage, request, install and renewal of internal certificates
o DNS and IP Management Services
§ Support implementation of DNS, Public & Internal IP addresses