Zero-Trust System Design
Draft, Review, and Maintain Zero-Trust SOPs Across Identity, Device, Data, and Infrastructure
Review and maintain zero-trust SOPs across identity, device, data, and infrastructure. Deliver automated, version-controlled playbooks with unit, integration, and compliance tests in CI. Architect and automate backup, failover, and DR workflows for all network devices. Integrate vulnerability scanners (Nessus, Qualys), threat-intel feeds, and policy-as-code into CI/CD pipelines. Automate remediation playbooks and generate compliance dashboards for SOC/DevSecOps. Operate configuration managers to centralize topology, inventory, and device state.
Collaborate with platform, edge, security, and product teams to embed network security into CI/CD and DevOps pipelines. Deliver capacity-planning reports to product, finance, and data-center stakeholders. Evaluate emerging trends (intent-based networking, programmable data planes, network observability). Design documentation, lifecycle management, and change control. Vulnerability management, policy-as-code, zero-trust design.
Requirements
Certifications such as CISSP, CCSP, or equivalent preferred. Networking: 6+ years configuring firewalls, switches, VPNs, VLANs, and traffic load balancing. Deep knowledge of L2/L3 protocols (OSPF, BGP, MPLS, VXLAN). Experience with cloud networking (AWS VPC, Azure VNets). Strong attention to detail and documentation. Excellent stakeholder communication. Proactive, self-directed learning mindset.
Education and Experience
A Bachelor's degree in Computer Science, Information Technology, or related discipline OR equivalent professional experience is required. Technical cybersecurity certification (SANS, ISACA, CompTIA, Cisco, etc.) preferred. Demonstrated hands-on experience with network automation and infrastructure-as-code (IaC) tools.