Cisco Network Security Architect
Full TimeJob Overview
The Cisco Network Security Architect is responsible for the design, architecture, and large-scale deployment of Cisco firewall and network security solutions across enterprise and service provider environments.
This role focuses heavily on Cisco security technologies, including Cisco Secure Firewall (Firepower / FTD), ASA, and associated management platforms, ensuring scalable, secure, and resilient network security architectures.
You will work closely with customers, security engineers, and infrastructure teams to design solutions, lead major deployments, and provide expert-level guidance on best practices, performance optimization, and security architecture.
The Cisco Network Security Architect is responsible for the design, architecture, and large-scale deployment of Cisco firewall and network security solutions across enterprise and service provider environments.
This role focuses heavily on Cisco security technologies, including Cisco Secure Firewall (Firepower / FTD), ASA, and associated management platforms, ensuring scalable, secure, and resilient network security architectures.
You will work closely with customers, security engineers, and infrastructure teams to design solutions, lead major deployments, and provide expert-level guidance on best practices, performance optimization, and security architecture.
Responsibilities:
Security Architecture & Design
Design enterprise-scale network security architectures using Cisco firewall technologies.
Architect secure network environments including segmentation, DMZ design, VPN architecture, and secure connectivity models.
Develop security frameworks aligned with Zero Trust principles and defence-in-depth strategies.
Provide architectural guidance on hybrid cloud, multi-site, and data centre environments.
Cisco Firewall Implementation
Lead the deployment and configuration of Cisco Secure Firewall (FTD), ASA, and Firepower Management Center (FMC) environments.
Design and implement high availability, clustering, and load balancing configurations.
Perform large-scale firewall migrations and upgrades from legacy platforms to modern Cisco security solutions.
Implement advanced security features including:
o Intrusion Prevention Systems (IPS)
o Advanced Malware Protection (AMP)
o SSL/TLS inspection
o Application control
o URL filtering
o Site-to-site and remote access VPNs.
Large-Scale Deployments
Design and deliver large enterprise or multi-site firewall deployments.
Lead migration strategies from legacy firewalls to Cisco Secure Firewall platforms.
Develop scalable firewall policies across hundreds of rulesets, sites, and security zones.
Ensure solutions meet high performance, redundancy, and compliance requirements.
Design and deliver large enterprise or multi-site firewall deployments.
Lead migration strategies from legacy firewalls to Cisco Secure Firewall platforms.
Develop scalable firewall policies across hundreds of rulesets, sites, and security zones.
Ensure solutions meet high performance, redundancy, and compliance requirements.
Technical Leadership
Act as the technical authority on Cisco security architecture.
Provide technical mentorship to network engineers and security teams.
Develop deployment standards, documentation, and architectural blueprints.
Participate in design reviews, security audits, and infrastructure planning sessions.
Act as the technical authority on Cisco security architecture.
Provide technical mentorship to network engineers and security teams.
Develop deployment standards, documentation, and architectural blueprints.
Participate in design reviews, security audits, and infrastructure planning sessions.
Security & Compliance
Ensure architectures align with industry security frameworks and best practices, including:
o NIST
o ISO 27001
o CIS benchmarks
o Zero Trust architectures.
Conduct security assessments and architecture reviews to identify risks and improvement opportunities.
Ensure architectures align with industry security frameworks and best practices, including:
o NIST
o ISO 27001
o CIS benchmarks
o Zero Trust architectures.
Conduct security assessments and architecture reviews to identify risks and improvement opportunities.
Documentation & Customer Engagement
Produce detailed architecture diagrams, solution designs, and implementation guides.
Present technical solutions to customers and stakeholders.
Support pre-sales engagements with technical expertise and architecture input where required.
Produce detailed architecture diagrams, solution designs, and implementation guides.
Present technical solutions to customers and stakeholders.
Support pre-sales engagements with technical expertise and architecture input where required.
Skills/ Requirements:
Essential
7+ years experience in network security engineering or architecture.
Extensive experience designing and deploying Cisco firewall solutions.
Deep knowledge of:
o Cisco Secure Firewall (FTD / Firepower)
o Cisco ASA
o Firepower Management Center (FMC)
Experience with large-scale enterprise firewall deployments.
Strong expertise in:
o Network segmentation
o High availability and clustering
o VPN technologies (IPsec / SSL VPN)
o Routing protocols (BGP, OSPF, EIGRP)
o NAT and advanced firewall policies
Experience working in multi-site enterprise or service provider environments.
7+ years experience in network security engineering or architecture.
Extensive experience designing and deploying Cisco firewall solutions.
Deep knowledge of:
o Cisco Secure Firewall (FTD / Firepower)
o Cisco ASA
o Firepower Management Center (FMC)
Experience with large-scale enterprise firewall deployments.
Strong expertise in:
o Network segmentation
o High availability and clustering
o VPN technologies (IPsec / SSL VPN)
o Routing protocols (BGP, OSPF, EIGRP)
o NAT and advanced firewall policies
Experience working in multi-site enterprise or service provider environments.
Desirable
Experience integrating Cisco firewalls with:
o Cisco Identity Services Engine (ISE)
o Cisco SecureX
o Cisco Umbrella
o Cisco Duo
Experience designing security for cloud environments (Azure, AWS, GCP).
Familiarity with automation and infrastructure-as-code for network deployments.
Experience with SD-WAN environments.
Experience integrating Cisco firewalls with:
o Cisco Identity Services Engine (ISE)
o Cisco SecureX
o Cisco Umbrella
o Cisco Duo
Experience designing security for cloud environments (Azure, AWS, GCP).
Familiarity with automation and infrastructure-as-code for network deployments.
Experience with SD-WAN environments.
Certifications (Preferred)
The following certifications are highly desirable:
•CCNP Security
•CCIE Security
•Cisco Secure Firewall Specialist
•Cisco Certified Network Professional (Enterprise or Security)
Additional certifications that would be beneficial:
•CISSP
•GIAC security certifications
•CISSP
•GIAC security certifications
Personal Attributes
Strong architectural thinking and problem-solving abilities
Excellent communication and documentation skills
Ability to translate complex technical concepts into clear architectural guidance
Strong attention to detail and commitment to security best practices
Ability to work collaboratively across technical and business teams
Passion for continuous learning and staying ahead of evolving security threats
Strong architectural thinking and problem-solving abilities
Excellent communication and documentation skills
Ability to translate complex technical concepts into clear architectural guidance
Strong attention to detail and commitment to security best practices
Ability to work collaboratively across technical and business teams
Passion for continuous learning and staying ahead of evolving security threats