Introduction

IBM CIO Technology Platform Transformation

The IBM CIO Technology Platform Transformation team plays a crucial role in modernizing and optimizing IBM's technology infrastructure and platforms. The team aims to power AI-enabled experiences through AI-first technology platforms that enable and streamline existing processes, enhance security, and improve user experience by leveraging cutting-edge technologies such as artificial intelligence, machine learning, and cloud computing.

Driving the adoption of emerging technologies to optimize and automate various business functions, keeping an AI-first approach with a Digital Experience.

Enable Best in Class IT with Enhanced cybersecurity measures to protect sensitive information and maintain regulatory compliance.

Modernizing legacy systems and integrating disparate applications to improve interoperability and reduce technical debt.

Collaborating with other departments and teams to align technology efforts with broader corporate objectives.

Providing guidance and expertise on technology trends, best practices, and standards.

This Group comprises professionals with diverse backgrounds in software engineering, data science, network architecture, and security. By fostering a culture of innovation and continuous improvement, the team strives to achieve its mission of making IBM the most productive company in the world.

Your role and responsibilities

Network Architect focused on network security and firewall technologies, with an emphasis on Palo Alto and Cisco products. The architect will demonstrate extensive knowledge and experience with networking fundamentals (routing/switching), network security, and cyberthreats. This role will participate in the architecture, design, and deployment of new firewall services, including the transfer of firewall architecture and support from a 3rd party vendor to IBM. They must be able to work independently to evaluate fit for purpose within one of our existing firewall offerings and evaluate firewall configurations against standards and determine necessary changes. The architect will perform component and solution design for new features and new services/offerings for both new and existing services. Understanding the network as a whole and how each piece integrates, they will design and define connectivity for each firewall as it migrates to the IBM support structure. This role will also perform as the final level of CIO firewall support within IBM and collaborate with firewall engineers and consumers to resolve issues and drive new features to meet engineer and user need. Life-cycle management activities such as optimization, rule consolidation evaluation, security event/vulnerability evaluation, testing, and consumer enablement and experience improvements will also be performed.

Required technical and professional expertise

• Bachelor’s or higher degree in Engineering, Networking, Security, Computer Science, or equivalent level of industry related experience.

• At least 2 years hands on firewall steady state support at scale.

• 3-5 year’s experience in supporting enterprise internal and/or commercial networks for large/global organization

• 5 years demonstrated experience in firewall configuration methods including understanding of network flows between security zones, specifically with Palo Alto NGFW firewalls, and Cisco ASA/FTD/FMC

• 3-5 year’s experience performing component design and solutioning in the firewall space.

• 3-5 year’s experience with networking functions/protocols including Remote Access, Zero Trust Network Access, DNS, Routing techniques, Load Balancing, Firewall management

• Experience with monitoring security events and conducting incident response operations per documented procedures and industry best practices.

• Ability to create and document new processes and procedures and train other to utilize them.

• Possess outstanding written and verbal communication skills and strong leadership skills to effectively influence decisions and positively impact progress

• Strong team oriented interpersonal skills, with the ability to effectively interface with a broad range of internal/external contacts and roles, including vendors and IT-business personnel.

• Ability to self-manage assigned tasks, issues and projects and work independently with little to no direction

Preferred technical and professional experience

• Knowledge of current and emerging technologies/products and trends related to Zero Trust Network Access

• Experience using/managing Prisma Access SASE framework

• Proven experience with site-to-site tunnel configurations and tunnel security controls

• Experience in network architectures for building and supporting modern remote access solutions

• Experience with configuring and supporting standard routing protocols, such as OSPF and BGP

• Experience in design, maintaining BC/DR infrastructure in global organization

• Experience with additional firewall technologies including Checkpoint, Fortinet, Juniper, specifically Experience with administration, configuration and troubleshooting, and component design.

• Demonstrated experience using/deploying multi-factor authentication (MFA)

• Experience with web proxying/filtering

• Experience with network automation for access controls

• Demonstrated experience working in Agile concepts and methodologies

• Hands on experience on using agile workflow tools (JIRA, GitHub, Trello)

• Possession of current industry level network certifications a plus such CCNP Security, PCNSE, PCNSA