Senior Security Architect (VCF & vDefend SME)

Role Overview

We are seeking a high-caliber Security Architect to lead the security certification and architectural validation of VMware Cloud Foundation (VCF) for a global financial services enterprise. The primary focus is ensuring that the VCF stack meets the stringent Global Information Security (GIS) standards through the expert implementation of VMware vDefend.

Key Responsibilities

• Security Architecture: Discover, plan, design and validate micro-segmentation strategies with distributed firewall (DFW) policies using vDefend to protect Tier-0 through Tier-N applications.
• Experience with using Security Services Platform (SSP) competencies such Security Intelligence for flow analysis, rule recommendations and monitoring.
• Certification & Compliance: Partner with Global Information Security (GIS) leads to achieve official security certification for the VCF platform within the bank s environment.
• Advanced Threat Prevention (ATP): Implement and manage advanced vDefend features, including Distributed IDS/IPS, Malware Prevention, Network Traffic Analysis (NTA) and Network Detection and Response (NDR).
• Policy Automation: Develop automated security policy frameworks to ensure "security-as-code" is integrated into the VCF deployment lifecycle.
• VCF Integration: Ensure seamless alignment between NSX networking and vDefend security layers to support a Zero-Trust architecture.

Required Technical Qualifications

• Subject Matter Expertise: Deep, hands-on experience with VMware vDefend Security including Distributed Firewall, Gateway Firewall, and Identity-based firewalling.
• Platform Knowledge: Strong proficiency in VMware Cloud Foundation (VCF) 5.x/9.x and SDDC Manager.
• Security Tooling: Experience with SSL decryption, Deep Packet Inspection (DPI), and integrating VCF logs with enterprise SIEM (e.g., Splunk) for auditability.
• Financial Services Experience: Proven track record of navigating complex security "Gate" processes and compliance frameworks (PCI-DSS, or internal GIS standards).

Preferred Skills

• VMware Certified Design Expert (VCDX-NV) or Advanced Professional (VCAP-Security).
• Familiarity with Aria Operations for Networks (formerly vRNI) for traffic analysis and policy modeling.
• Familiarity with container security (Tanzu/Antrea) within a VCF context.