UST
Website:
ust.com
Job details:
Role Description
We are seeking an experienced
Azure Network Architect / Lead to design, build, and operate a secure, scalable Enterprise Azure Platform. This role will partner closely with Engineering, Cybersecurity, Platform Engineering, and Data teams to enable seamless integration with Snowflake and other vendor platforms, supporting advanced data and AI use cases.
Key Responsibilities
- Partner with Engineering, Cybersecurity, and Platform teams to architect and deliver a robust Enterprise Azure networking platform, including integration with Snowflake and other third-party ecosystems.
- Design and implement secure network architectures, leveraging WAFs, firewalls, NSGs, and Zero Trust principles.
- Collaborate with DevOps and AIOps teams to establish scalable and secure network configurations for Azure-based platforms and AI-driven product development.
- Act as a core member of the Architecture Review Board (ARB), providing network design governance, best practices, and architectural guidance for applications.
- Work with Enterprise Architecture teams to define and enforce approved design patterns and standardized Azure services.
- Continuously monitor network performance and security posture; identify risks, create SOPs/runbooks, and enable L1/L2 teams to efficiently triage and resolve recurring issues.
- Lead capacity planning, high availability, and disaster recovery strategies for enterprise-scale network environments.
- Drive sprint deliverables with a focus on quality, timeliness, and operational excellence.
- Collaborate with vendors and internal stakeholders to ensure seamless onboarding, integration, and service delivery.
Who Are We Looking For?
- 10+ years of experience in enterprise networking, with at least 4+ years specializing in Azure cloud network design and architecture.
- Proven experience designing and securing large-scale, hybrid, and cloud-native environments.
Core Technical Expertise
- Azure Networking: VNets, Subnets, Peering, UDRs, Route Tables, Virtual WAN, Azure DNS & Private DNS Zones
- Hybrid Connectivity: ExpressRoute, VPN Gateways, BGP, high-availability and failover architectures
- Secure Service Access: Private Endpoints, Private Link, Service Endpoints, egress control, NAT, proxy architectures
- Network Security: Zero Trust architecture, Azure Firewall, WAF (Application Gateway), DDoS Protection, NSGs/ASGs, micro-segmentation
- Load Balancing & Traffic Management: Application Gateway (WAF), Azure Load Balancer (ALB/ILB), Traffic Manager, Front Door
- SaaS & Vendor Integration: Secure connectivity patterns with platforms such as Snowflake, Databricks, and other SaaS providers (Private access, IP allowlisting, mTLS, API integrations)
- Routing & Protocols: Deep understanding of BGP, TCP/IP, DNS, NAT, IPv4/IPv6, segmentation, and HA/DR topology design
Skills
network security,firewall policy,network security engineering,nextgeneration firewall,
Click on Apply to know more.