The Vizius Group
Overview
The Vizius Group is a think tank of cybersecurity consultants dedicated to understanding the mechanics and business value of risk reduction. We provide valuable insights through quantitative risk analysis, assessments, and penetration testing. Our expertise helps businesses mitigate cybersecurity risks effectively.
Job Overview We are a growing professional services company that designs, builds, and supports reliable networks and secure cloud foundations. We’re looking for a hands-on Senior Network & Cloud Engineer who can translate sound architectural principles into working solutions across on-prem and Azure environments. You’ll collaborate directly with clients and internal teams to plan, implement, troubleshoot, and document systems that are resilient, secure, and cost-effective.
Responsibilities
Design and implement campus, datacenter, and branch networks (L2/L3, WAN/SD‑WAN) and hybrid Azure connectivity (VPN/ExpressRoute).
Own end-to-end troubleshooting across network and cloud layers; isolate faults using packet captures, flow logs, and telemetry; drive permanent fixes.
Plan and deploy load balancers, reverse proxies, and application gateways (SSL/TLS offload, health checks, L7 routing, WAF when required).
Architect Azure landing zones and VNet topologies (hub‑and‑spoke/Virtual WAN), including NSGs/ASGs, UDRs, private endpoints, and firewall policies.
Implement and manage identity‑centric access (Entra ID, Conditional Access, PIM) for users, admins, services, and applications.
Automate builds, configuration, and changes using Infrastructure as Code and scripting; maintain source‑controlled runbooks and pipelines.
Produce clear diagrams and documentation; provide knowledge transfer and act as on‑site/remote liaison with customers and account teams.
Key Requirements Networking
L2/L3 Switching & Routing: VLANs, STP/RSTP/MST, EtherChannel/LAG; OSPF/BGP/ECMP design and operations.
Troubleshooting Mastery: Wireshark/tcpdump, traceroute/Path MTU, asymmetric routing, loop detection/mitigation, convergence analysis.
WAN & Edge: IPsec/GRE, SD‑WAN concepts, BGP at the edge, high‑availability edge patterns, remote access VPNs.
Load Balancing & Proxies: L4/L7 load balancers, reverse proxies, health probes, canary/blue‑green patterns, TLS cert lifecycle.
Observability & Capacity: NetFlow/sFlow, SNMP/telemetry, performance baselining, capacity planning, change impact assessments.
Identity & Access:
Entra ID (Azure AD), Conditional Access, PIM, hybrid identity (AD DS + Entra Connect), managed identities/service principals.
Infra as Code & Automation:
Bicep/Terraform and PowerShell/Azure CLI for repeatable builds; Git‑based workflows and CI/CD pipelines.
Security & Governance:
Azure RBAC, Policy/Initiatives, blueprints/landing zones, Key Vault for secrets and certificates, baseline hardening.
Connectivity & Hybrid:
Site‑to‑site VPN/ExpressRoute, name resolution (Private DNS), private service access for PaaS, NVA patterns.
Platform & Compute:
VM/VMSS, AVD basics, container/AKS networking (CNI), image management, scaling and availability sets/zones.
Monitoring & Cost:
Azure Monitor/Log Analytics (KQL), NSG flow logs, Connection Monitor; right‑sizing and cost guardrails.
Characteristics of Success:
A team player, able to collaborate with and inspire colleagues across all levels of the organization.
#J-18808-Ljbffr
Job Overview We are a growing professional services company that designs, builds, and supports reliable networks and secure cloud foundations. We’re looking for a hands-on Senior Network & Cloud Engineer who can translate sound architectural principles into working solutions across on-prem and Azure environments. You’ll collaborate directly with clients and internal teams to plan, implement, troubleshoot, and document systems that are resilient, secure, and cost-effective.
Responsibilities
Design and implement campus, datacenter, and branch networks (L2/L3, WAN/SD‑WAN) and hybrid Azure connectivity (VPN/ExpressRoute).
Own end-to-end troubleshooting across network and cloud layers; isolate faults using packet captures, flow logs, and telemetry; drive permanent fixes.
Plan and deploy load balancers, reverse proxies, and application gateways (SSL/TLS offload, health checks, L7 routing, WAF when required).
Architect Azure landing zones and VNet topologies (hub‑and‑spoke/Virtual WAN), including NSGs/ASGs, UDRs, private endpoints, and firewall policies.
Implement and manage identity‑centric access (Entra ID, Conditional Access, PIM) for users, admins, services, and applications.
Automate builds, configuration, and changes using Infrastructure as Code and scripting; maintain source‑controlled runbooks and pipelines.
Produce clear diagrams and documentation; provide knowledge transfer and act as on‑site/remote liaison with customers and account teams.
Key Requirements Networking
L2/L3 Switching & Routing: VLANs, STP/RSTP/MST, EtherChannel/LAG; OSPF/BGP/ECMP design and operations.
Troubleshooting Mastery: Wireshark/tcpdump, traceroute/Path MTU, asymmetric routing, loop detection/mitigation, convergence analysis.
WAN & Edge: IPsec/GRE, SD‑WAN concepts, BGP at the edge, high‑availability edge patterns, remote access VPNs.
Load Balancing & Proxies: L4/L7 load balancers, reverse proxies, health probes, canary/blue‑green patterns, TLS cert lifecycle.
Observability & Capacity: NetFlow/sFlow, SNMP/telemetry, performance baselining, capacity planning, change impact assessments.
Identity & Access:
Entra ID (Azure AD), Conditional Access, PIM, hybrid identity (AD DS + Entra Connect), managed identities/service principals.
Infra as Code & Automation:
Bicep/Terraform and PowerShell/Azure CLI for repeatable builds; Git‑based workflows and CI/CD pipelines.
Security & Governance:
Azure RBAC, Policy/Initiatives, blueprints/landing zones, Key Vault for secrets and certificates, baseline hardening.
Connectivity & Hybrid:
Site‑to‑site VPN/ExpressRoute, name resolution (Private DNS), private service access for PaaS, NVA patterns.
Platform & Compute:
VM/VMSS, AVD basics, container/AKS networking (CNI), image management, scaling and availability sets/zones.
Monitoring & Cost:
Azure Monitor/Log Analytics (KQL), NSG flow logs, Connection Monitor; right‑sizing and cost guardrails.
Characteristics of Success:
A team player, able to collaborate with and inspire colleagues across all levels of the organization.
#J-18808-Ljbffr