- Company Name
- Nasstar
- Job Title
- Technical Design Authority– Secure Networks
- Job Description
-
**Job Title**
Technical Design Authority – Secure Networks
**Role Summary**
Lead post‑sales network transformation, delivering secure SD‑WAN and SASE solutions. Produce high‑quality high‑level and low‑level designs, guide cross‑functional teams, and act as the definitive technical decision maker to ensure successful customer implementations.
**Expectations**
- Own complete solution design and deliverables for multi‑site SD‑WAN/SASE projects.
- Serve as the technical authority, maintaining governance and standards across all project phases.
- Build and sustain trusted advisor relationships with enterprise and public‑sector clients.
- Translate business objectives into actionable, secure network architectures.
- Mentor and challenge engineering teams to keep projects on scope, schedule, and budget.
**Key Responsibilities**
- Produce high‑level and low‑level designs, migration runbooks, and test plans for SD‑WAN, secure SD‑branch, and SASE environments.
- Provide design authority, approve changes, and ensure design quality and compliance with client constraints.
- Facilitate customer workshops, risk/benefit discussions, and strategic technical decisions.
- Collaborate with pre‑sales to review RFPs/RFIs, refine architectures, and produce realistic estimates.
- Define, validate, and document SASE/Zero‑Trust policies, ZTNA models, and secure site templates aligned to security frameworks.
- Ensure operational handover, including documentation, configuration standards, runbooks, and knowledge transfer.
- Capture lessons learned, update design standards, mentor staff, and promote productised delivery patterns.
**Required Skills**
*Core Technical*
- Fortinet SD‑WAN & SASE (FortiGate, FortiManager, FortiAnalyzer), policy design, and troubleshooting.
- Routing & overlay protocols: BGP, OSPF, IPsec, GRE, dual‑underlay/dual‑hub, DIA/MPLS migrations.
- NGFW, IDS/IPS, SSL inspection, PKI hygiene, Zero‑Trust principles, identity‑aware segmentation.
- LAN/WAN, SD‑Branch design, switching/wireless patterns, campus/branch architecture.
- Cloud interconnect, edge, private DC, data‑center gateway design.
*Professional*
- Customer‑centric communication, translating business constraints into technical decisions.
- Pragmatic delivery focus, balancing ideal design with realistic timelines and budgets.
- Leadership of design workshops, forums, and documentation delivery.
*Nice to Have*
- OT security exposure, ISA/IEC 62443 concepts, plant/retail edge segmentation, constrained‑environment change.
- Familiarity with other vendors (Cisco, Juniper, Meraki) for heterogeneous environments.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Engineering, or related field.
- Fortinet NSE 4–7 (or progressing toward) is preferred.
- Cisco/Juniper routing certifications (e.g., CCNP, JNCIP) are advantageous.
- Security certifications such as CISSP, GIAC, or ISA/IEC 62443 exposure are a plus.
---