Network Architect

Requires extensive networking experience, usually 11+ years of revelant experience, advanced certifications (e.g., CCIE), and a deep understanding of network architecture. 
Network Design and Planning:
•    Designing and planning the organization's network architecture to meet current and future requirements.
•    Conducting capacity planning to ensure the network can handle current and anticipated traffic.
Configuration Management:
•    Configuring routers, switches, and other network devices according to best practices and security standards.
•    Implementing and managing VLANs (Virtual Local Area Networks) for segmentation and security.
Firewall Configuration and Management:
•    Configuring and managing firewall rules to control traffic based on security policies.
•    Regularly reviewing and updating firewall configurations to adapt to changing threats and business needs.
Intrusion Detection and Prevention:
•    Deploying and maintaining intrusion detection and prevention systems to identify and respond to potential security threats.
•    Analysing and responding to alerts generated by intrusion detection systems.
Network Monitoring:
•    Monitoring network performance and identifying and addressing bottlenecks or issues.
•    Implementing network monitoring tools to detect anomalies and potential security incidents.
Incident Response:
•    Developing and maintaining an incident response plan for network and firewall-related incidents.
•    Responding promptly to security incidents, investigating root causes, and implementing corrective actions.
Patch Management:
•    Regularly applying security patches and updates to network devices and firewalls to address vulnerabilities.
•    testing patches in a controlled environment before deploying them to production systems.
Log Management and Analysis:
•    Collecting and analysing logs from network devices and firewalls to identify potential security events.
•    Implementing log retention policies to meet compliance requirements.
Backup and Recovery:
•    Implementing regular backups of network device configurations and firewall rule sets.
•    Testing and documenting procedures for restoring configurations in case of a failure or security incident.
User Access Control:
•    Managing user access to the network and firewall settings.
•    Implementing strong authentication mechanisms and regularly reviewing user access permissions.
Documentation:
•    Maintaining up-to-date documentation for network configurations, firewall rules, and related procedures.
•    Documenting changes made to the network infrastructure to facilitate troubleshooting and auditing.
Compliance and Auditing:
•    Ensuring that the network and firewall configurations comply with industry regulations and organizational policies.
•    Participating in and facilitating security audits and assessments.
Training and Awareness:
•    Providing training to network administrators and other relevant staff on security best practices.
•    Raising awareness about potential security threats and promoting a security-conscious culture within the organization