IS3 Solutions
Network Security Architect
Position Overview
We have an exciting opportunity for a Network Security Architect to support a financial services client in designing and implementing advanced traffic visibility and packet capture architectures across hybrid environments. This role plays a critical part in securing cloud and on-premise infrastructure through comprehensive inspection, decryption, and data forwarding solutions. The ideal candidate will leverage tools such as Palo Alto, Zscaler, Coralight, and TAP technologies to enable deep packet inspection, policy enforcement, and integration with SASE and DLP platforms.
Key Responsibilities
Architect and implement comprehensive traffic visibility solutions across cloud and on-premise networks. Design secure pipelines for data ingestion, such as exporting Palo Alto traffic logs to AWS S3 for analytics and DLP use. Deploy and optimize TAP and packet broker infrastructure (e.g., Coralight, Gigamon alternatives) for scalable packet inspection. Integrate decryption strategies to support visibility into encrypted traffic for both internal systems and end users. Collaborate with security architects to embed SASE principles and policy enforcement into network inspection workflows. Guide segmentation and traffic flow strategies across hybrid infrastructure using Palo Alto, Zscaler, and TAP technologies. Act as a technical liaison between internal teams and OEMs to ensure alignment of traffic visibility solutions with performance and compliance requirements. Required Qualifications 7+ years of experience in network security architecture with a strong emphasis on visibility and packet-level analysis Hands-on expertise with: Palo Alto (firewalls, decryption, traffic forwarding) Zscaler traffic inspection and logging Coralight or comparable network visibility platforms TAPs and packet brokers (Gigamon or similar) Deep understanding of encrypted traffic decryption, data forwarding, and cloud-based storage integration (e.g., AWS S3) Experience architecting solutions across hybrid cloud/on-premise environments Familiarity with SASE frameworks and secure architecture principles Excellent communication, documentation, and cross-functional collaboration skills Preferred Qualifications Experience with telco backbone monitoring tools (e.g., CenturyLink Wire) Knowledge of AWS or Azure cloud TAPs and cloud-native visibility configurations Relevant certifications such as PCNSE, ZCCA-IA, or CISSP
We have an exciting opportunity for a Network Security Architect to support a financial services client in designing and implementing advanced traffic visibility and packet capture architectures across hybrid environments. This role plays a critical part in securing cloud and on-premise infrastructure through comprehensive inspection, decryption, and data forwarding solutions. The ideal candidate will leverage tools such as Palo Alto, Zscaler, Coralight, and TAP technologies to enable deep packet inspection, policy enforcement, and integration with SASE and DLP platforms.
Key Responsibilities
Architect and implement comprehensive traffic visibility solutions across cloud and on-premise networks. Design secure pipelines for data ingestion, such as exporting Palo Alto traffic logs to AWS S3 for analytics and DLP use. Deploy and optimize TAP and packet broker infrastructure (e.g., Coralight, Gigamon alternatives) for scalable packet inspection. Integrate decryption strategies to support visibility into encrypted traffic for both internal systems and end users. Collaborate with security architects to embed SASE principles and policy enforcement into network inspection workflows. Guide segmentation and traffic flow strategies across hybrid infrastructure using Palo Alto, Zscaler, and TAP technologies. Act as a technical liaison between internal teams and OEMs to ensure alignment of traffic visibility solutions with performance and compliance requirements. Required Qualifications 7+ years of experience in network security architecture with a strong emphasis on visibility and packet-level analysis Hands-on expertise with: Palo Alto (firewalls, decryption, traffic forwarding) Zscaler traffic inspection and logging Coralight or comparable network visibility platforms TAPs and packet brokers (Gigamon or similar) Deep understanding of encrypted traffic decryption, data forwarding, and cloud-based storage integration (e.g., AWS S3) Experience architecting solutions across hybrid cloud/on-premise environments Familiarity with SASE frameworks and secure architecture principles Excellent communication, documentation, and cross-functional collaboration skills Preferred Qualifications Experience with telco backbone monitoring tools (e.g., CenturyLink Wire) Knowledge of AWS or Azure cloud TAPs and cloud-native visibility configurations Relevant certifications such as PCNSE, ZCCA-IA, or CISSP