Senior Firewall & Connectivity Architect (m/f/d)

Permanent position, full-time · Ismaning

Who we are looking for
We are looking for an experienced Senior Firewall & Connectivity Architect to design, implement, and optimise a next-generation, identity-aware connectivity and security infrastructure.
In this role, you will define holistic enterprise architectures spanning firewalls, connectivity, cloud, and Zero Trust models, enabling secure site separation and granular user-based access. You will act as the architectural authority for modern perimeter-less networks, lead complex migration and transformation initiatives, and serve as the escalation point for advanced security and connectivity issues.
Your responsibilities
  • Design and define end-to-end enterprise connectivity architectures (LAN, WAN, SD-WAN, Internet, Cloud, Remote Access).
  • Architect next-generation firewall, proxy, and secure access solutions (on-prem, hybrid, and cloud-based).
  • Develop and implement identity-aware and user-based security concepts, including Check Point Identity Awareness.
  • Define and enforce Zero Trust, ZTNA, SSE, and SASE architecture principles.
  • Design secure location separation, security zones, trust levels, and traffic flows.
  • Lead firewall and connectivity migration projects, including routing design, policy transformation, and change management.
  • Integrate and optimise Zscaler platforms with on-prem networks, cloud environments (AWS, Azure, GCP), and SD-WAN solutions.
  • Manage replacement or coexistence scenarios between classic firewalls and cloud security platforms.
  • Optimise and document firewall rule bases and segmentation policies, ensuring full policy lifecycle governance using tools such as Tufin SecureTrack and SecureChange.
  • Define and oversee performance monitoring, log analysis, and reporting frameworks to improve operational transparency.
  • Provide expert-level troubleshooting for complex firewall, identity, and connectivity issues.
  • Support internal and external audits from an architectural and compliance perspective.
  • Evaluate new technologies and vendors; support RFPs and manufacturer assessments.
  • Advise IT management and business stakeholders on architecture decisions and strategic roadmaps.
  • Produce high-quality architecture documentation (HLD/LLD, diagrams, decision papers).
Your expertise
  • Proven expertise in Check Point Firewall architecture and Identity Awareness.
  • Strong hands-on experience with user-based firewalling and Cisco network environments.
  • In-depth architectural knowledge of Zscaler platforms.
  • Solid understanding of Zero Trust, ZTNA, SSE, and SASE architectures.
  • Deep knowledge of TCP/IP (routing, protocols, ports, connection handling, packet sequencing, dump analysis).
  • Experience integrating firewalls with identity providers (Active Directory, IdP, SAML, OAuth).
  • Strong background in cybersecurity and secure hybrid infrastructure design.
  • Experience with hyperscaler environments (AWS and Azure).
  • Advanced skills in log analysis and log analytics platforms (e.g. Elasticsearch / ELK).
  • Confident working at architectural troubleshooting level across network and security stacks.
  • Experience with enterprise Linux (RHEL) and Windows Server environments.
  • Strong documentation and communication skills.
What we offer
We offer extensive creative freedom and allow you to work independently—in an environment with flat hierarchies that encourages and challenges you. Our working atmosphere is characterized by personal appreciation, mutual respect, loyalty, and honesty.
 
  • Hybrid working/remote work with occasional on-site customer appointments
  • Exciting project assignments with well-known customers that match your professional focus
  • Subsidies for internet, childcare, shopping, and retirement provisions
  • 30 days of vacation + 2 company holidays + 1 additional mental health day for your resilience
  • Modern corporate culture with a focus on personal development
  • Highly motivated environment in a dynamically growing group of companies
  • Permanent position with a 40-hour week
  • Intensive onboarding with behind-the-scenes insight into all business units, feedback meetings, etc.
Your DIGIT4U BS contact for this position:
We look forward to receiving your complete application documents, including a cover letter, resume, and references: hr@digit4u-bs.de.

Please note that sending application documents via unencrypted email may be unsafe. Alternatively, application documents can be sent by post and/or using the online application option.

Important note
Please be advised that a valid work permit for Germany is required for non-EU citizens. Unfortunately, applications without a valid work permit and sufficient German language skills may not be considered.

About us

DIGIT4U - Business Solutions GmbH specialises in the requirements of public-sector clients at federal, state, and municipal level as well as customers from the industrial enterprise environment. Its services include IT services and consulting, advice on transformation and digitalisation projects, and programme and project management. We support our customers in turning technological, organisational, and business questions into concrete technical solutions.

We appreciate your interest in the advertised position and in working at our company.
