Cloud Network Architect

Zurich North America is currently recruiting for a Cloud Network Architect and this person can work either in our Schaumburg North America HQ or can work remotely.

This person will report to the Application Portfolio Manager Infrastructure and Operations, Public Cloud.

This role will be a SME for ZNA public cloud networking functions and the primary responsibility will be to design, implement, and maintain the secure networking infrastructure of the ZNA public cloud environments (Azure and AWS).

The Cloud Network Architect is responsible for delivering enterprise-level IT support, including leveraging engineering tools and processes for effective provisioning, installation, configuration, operation, maintenance, and support of Zurich’s public cloud infrastructure.

The successful candidate will possess very strong troubleshooting skills with the ability to work independently to research and resolve issues.

Responsibilities :

• Contribute to the successful deployment, management, and enforcement of security policies within our public cloud networking environment
• Design, implement, and manage the secure networking infrastructure within the ZNA public cloud environment, with a focus on adherence to security best practices and compliance requirements
• Participate in incident response activities, including troubleshooting and resolving security-related issues in a timely manner
• Collaborate with cross-functional teams to understand networking requirements and translate them into effective solutions
• Collaborate with DevOps teams to integrate network security automation and policy enforcement into CI / CD pipelines
• Monitor and analyze network traffic, security logs, and other relevant data to proactively identify and mitigate potential security threats and vulnerabilities
• Engineer, automate and orchestrate system provisioning and maintenance processes using modern cloud tools and technologies.

Evaluate, design, and implement supporting technologies in alignment with global and local requirements.

• Perform system administration tasks including deployments, configuration, systems monitoring, troubleshooting, and support while innovating to automate as much as possible.
• Install, configure, maintain, and support applications and servers in public cloud environments.
• Perform operating system and software application installation, patching, and upgrades.
• Troubleshoot and resolve issues reported by monitoring systems and submitted through the ticketing system. Fully document issues, actions taken, and steps for resolution.
• Initiate escalation process as appropriate while communicating progress and resolution to clients. Work with other teams to resolve problems and minimize escalations.
• Engineer and maintain operational processes and procedures.
• Focus on continued professional development to maintain knowledge and application of current industry best practices and security concepts.
• Exhibit an innovative mindset by suggesting improvements as well as engineering and implementing related recommendations.

Strong desire to learn, implement, and teach others in new processes and technologies.

Perform other tasks as defined, planned, and approved by leadership.

Basic Qualifications :

• Bachelor’s Degree in Information Technology and 6 or more years of experience in the Information Technology area OR
• High School Diploma or Equivalent in Information Technology and 8 or more years of experience in the Information Technology area OR
• Zurich Certified Insurance Apprentice including an Associate Degree in Information Technology and 6 or more years of experience in the Information Technology area

Preferred Qualifications :

• Skilled and experienced Azure Cloud Networking Engineer with a strong focus on security and policy
• Proven experience as a network engineer, with a strong focus on designing and implementing secure public cloud networking solutions
• Experience in public cloud networking (Firewall, NSG rules, VWAN Hub, ExpressRoute / Direct Connect, Virtual Network / Subnet, Private Endpoint, Private DNS Zone / Route 53, Load balancer, Application Gateway)
• Familiarity with security frameworks and standards such as NIST, CIS, and GDPR
• Strong understanding of network security principles, protocols (TCP / IP, DNS, DHCP), and encryption technologies
• Experience with network security tools and technologies, such as firewalls, intrusion detection / prevention systems, and log management systems
• Demonstrated experience with software engineering, scripting, automation, and orchestration tools (Terraform, PowerShell, Ansible, GitHub)
• Demonstrated experience provisioning, configuring, and maintaining cloud computing services such as Azure and AWS.
• Demonstrated experience administering, monitoring, and maintaining both Microsoft and Linux server-based operating systems.
• Experience with monitoring tools such as Dynatrace and ThousandEyes.
• Occasional travel may be required.

As a condition of employment at Zurich, employees must adhere to any COVID-related health and safety protocols in place at that time ().