Architect - Network Security SRE - Gandipet Mandal / Hyderabad, India

Network Security SRE Architect is part of the S&T Global Network Services Team (Network Security Operations) within PepsiCo S&T Organization at HYD and reports to the head of Network Security Operations.

PepsiCo has a multivendor hybrid outsourced model for its Infrastructure operations. PepsiCo S&T Operations team works with various businesses, in-house IT teams, IT partners, and OEMs to maintain high-quality services around the clock. The person in this role is responsible for developing and maintaining functional and secure networks. You will mentor a team of engineers to troubleshoot and optimize our networks for our users. In this role, you should have excellent problem-solving skills and thorough knowledge of network administration and architecture, security, and data protection. Your goal will be to establish networks that cater to customer needs.

• Collaborate with Managed Service Providers and internal stakeholders, build trust, and lead the network operations workflows and process improvement streams
• Implement security solutions for PepsiCo’s network infrastructure, including the configuration, development, testing, and deployment of technologies such as Firewalls, WAFs, LB, IDS/IPS, and content filters
• Define and govern network security architectural principles and policies, particularly zoning policies within IT network transport environments
• Operate in a Governance and Architecture role or a Design role with end-to-end responsibility spanning multiple network technology domains
• Configure and install software, servers, routers, and other network devices
• Network fault and performance monitoring achieving proactiveness and improve alert early detection capabilities
• Troubleshoot and resolve issues escalated by tiers of support, including cloud and local infrastructure problems
• Continuously improving automation scripts and workflows to enhance network security operation BAU and develop new ZTP initiatives
• Develop, oversee, and test security measures such as access authentication and disaster recovery
• Maintain comprehensive technical documentation (LLDs, HLDs, SLA matrix, knowledge transfers repositories, …etc.)

Recommend improvements to network performance, capacity, and scalability

Qualifications

Mandatory Technical Skills

• MSc/BSc degree in Network Engineering, Computer Science, Information Technology Engineering, or a related field.
• 8+ years of experience in network and network security engineering.
• Mandatory network certifications such as CCNP, CCDA, CCDP, JNCIP
• Network Security Certifications required (PCNSE, NSE4, CCSA, F5, etc.)
• Extensive hands-on experience with Palo Alto and Cisco ASA NGFWs
• Experience with Symantec End Point Proxy
• Proficiency in configuring and administering IPSec VPN and DMVPN
• Familiarity with Cisco AnyConnect VPN or alternative solutions such as PA Global Protect.
• Knowledge of DNS security solutions like ZScaler and Cisco Umbrella.
• Ability to define policies and procedures for network management.
• Strong understanding of network security principles and related technologies.
• Experience with DDoS solutions such as Akamai.
• Skilled in analyzing workflow and security requirements to establish network parameters.
• Experience in implementing, monitoring, and evaluating security protocols.
• Familiarity with Cisco FTD IPS solution.
• Experience with Aruba ClearPass.

Mandatory Non-Technical Skills

• Strong understanding of network security principles and associated technologies
• Analyzing workflow and security requirements and establishing the network
• Strong relationship-building capability
• Strong communication skills, both written and verbal
• Proven experience of managing an effective working relationship with audit departments, and challenging where appropriate

Differentiating Competencies

• CCIE Certification is desirable
• PCNSE, NSE7, or equivalent certification
• General security certifications such as CISSP or CISM
• Deep understanding of network security principles and related technologies
• Skilled in analyzing workflow and security requirements to establish network infrastructure
• Extensive experience in automation (bash scripting, Python, PERL, etc.)
• Strong relationship-building skills
• Excellent written and verbal communication abilities
• Proven experience in managing effective working relationships with audit departments and appropriately challenging whenever required