Senior Computer Network Architect

Senior Computer Network Support Architect

4 days ago Be among the first 25 applicants

Hiring in the following locations: WV, UT, MD, and TN

• Review and update logical network topologies to ensure optimal performance, security, and scalability. Ensure proper segmentation of IRS internal networks, external networks, and guest access points. Design and implement VLANs (Virtual Local Area Networks) to segment traffic securely.
• Create and maintain firewall policies to ensure secure communication between different customer network segments and external partners. Regularly review and optimize firewall rulesets to minimize the attack surface and ensure only authorized traffic is allowed. Implement stateful/stateless firewall rules and deep packet inspection to secure internal traffic.
• Manage and analyze firewall policies and rulesets. Ensure proper segmentation of internal and external networks. Implement security updates and patches in line with the customer security framework. Audit firewall configurations to eliminate unused or redundant rules.
• Configure and optimize routing protocols (e.g., OSPF, BGP) to ensure network efficiency and high availability. Implement Layer 2/3 switching configurations to manage traffic across the network efficiently. Ensure dynamic routing is properly configured to prevent loops and enable route failover.
• Manage the Customer’s IP address space, ensuring proper subnetting and allocation of addresses across the network. Configure and maintain DNS and DHCP services to provide dynamic IP assignment and resolution services. Audit IP usage and ensure the logical assignment matches physical device locations.
• Analyze logical security policies and ensure compliance with customer security protocols, such as FISMA, NIST 800-53, and IRS‑specific guidelines. Implement role‑based access control (RBAC) across network devices to limit access to authorized personnel only. Configure and analyze IDS/IPS (Intrusion Detection/Prevention Systems) to detect and respond to security threats.
• Set up and configure network analyzing tools (e.g., Net Flow, SNMP) to analyze traffic patterns and detect anomalies. Implement traffic shaping policies where necessary to ensure critical applications receive adequate bandwidth. Create network usage reports, identifying bottlenecks and recommending performance optimizations.
• Implement logical redundancy for critical services, ensuring that key applications (e.g., tax systems) remain operational during network outages. Configure load balancing and failover mechanisms for high‑availability services. Regularly test failover mechanisms to ensure smooth transitions during outages.
• Implement and manage NAC systems to ensure only authorized devices can access the customer internal network. Enforce device compliance checks (e.g., up‑to‑date security patches) before allowing network access. Configure guest networks for limited access where needed.
• Implement and maintain network virtualization technologies, such as VLANs and VRFs, to separate traffic securely across different IRS departments or services. Optimize the use of SDN (Software‑Defined Networking) for flexible and efficient management of network traffic. Ensure logical segmentation aligns with business and security requirements.
• Implement logical backup strategies for network configurations, ensuring all routers, firewalls, and switches can be quickly restored. Regularly test network configuration restoration processes to ensure minimal downtime during incidents. Plan for disaster recovery scenarios where critical infrastructure is replicated and can be recovered quickly.

• Education:
  
  Associate’s degree in computer science, Information Technology or related field.
• Certifications:
  
  A current CISCO™ Certified Internetwork Expert (CCIE) certification is preferred.
• Certifications:
  
  ASWS Certified solutions Architect, Microsoft Certified:
  Azure Solutions Architect Expert, Google Professional Cloud Architect or similar certifications desired.
• Experience:
  
  Minimum of ten years of experience in network architecture, design, and implementation.
• Experience:
  
  Proven expertise in managing and employing systems across public, private, and hybrid environments.
• Experience:
  
  Strong understanding of virtualization technologies, containers (e.g., Docker, Kubernetes), and Infrastructure as Code (IaC) tools such as Terraform and Ansible.
• Experience:
  
  Experience with network architecture, cost optimization, and high‑availability architectures.