Technical Architect - Network (Firewall Focus)

Details

• Department: Core Tech Network
• Schedule: 8 hour shift, Monday-Friday
• Location: Remote
• Salary: $121,264 - $169,035 per year
• Eligible for annual bonus incentive

Benefits

Paid time off (PTO)

Various health insurance options & wellness plan

Retirement benefits including employer match plan

Long-term & short-term disability

Employee assistance programs (EAP)

Parental leave & adoption assistance

Tuition reimbursement

Ways to give back to your community

Benefit options and eligibility vary by position. Compensation varies based on factors including, but not limited to, experience, skills, education, performance, location and salary range at the time of the offer.

Responsibilities

Technical Architect - Network (Firewall Focus)

is to integrate firewall-specific responsibilities, skills, and experience directly into the existing framework, especially within the Functional Responsibilities and a new Required Qualifications sec

Ascension Health - Full-Time Remote Position

At Ascension, our technology teams drive impact through reimagining how we deliver a people-centered healthcare experience and creating the solutions to do it. We are hiring a Technical Architect - Network to join our growing organization, with a core focus on Firewall and network security solutions . This is a full-time remote position.

The Technical Architect strategically designs and implements technology solutions that meet business requirements that are fully aligned with enterprise and domain architecture guidelines. This individual is responsible for determining and selecting appropriate design patterns, leveraging pre-established domain architecture standards where possible, or proposing the need for new standards to meet business requirements. As a Technical Architect, you will provide technical leadership for assigned projects, with a strong emphasis on secure network segmentation and perimeter defense .

Functional Responsibilities:

Solution Ideation and Requirements Gathering

• Uses active listening techniques to clarify and articulate business needs.
• Collaborates with business partners to align service or product solutions with Ascension Technologies' capacity to deliver.
• Applies knowledge of the business strategy, goals, and processes to identify technology services that can address the business needs.
• Shapes business partner demand for IT services to more fully utilize the current service portfolio, when applicable.
• Facilitates comparisons between unique business partner requirements and available solutions in the existing service catalog.
• Engages enterprise architect(s) and domain architect(s) in order to understand potential alternatives (e.g., new design standards) to meet unique business requirements while complying with long-term architectural roadmaps.
• Specifically gathers and documents requirements for firewall configuration, security policy deployment, VPN connectivity, and network segmentation based on security and business needs.
• Assists with the development of cost estimates, business cases and TCO model.

Solution Design, Build and Deploy

• Uses technical knowledge to direct the design and build of the solution architecture, considering current technology platforms and standards, obsolescent solutions and emerging technologies.
• Understands methods and practices for solution development in order to support holistic technical requirements for the solution, inclusive of configuration, security, and quality with Managed Service Providers (MSPs) and/or 3rd party vendors.
• Retains knowledge of prior solution deployments and lessons learned to effectively recommend appropriate design and build solutions.
• Develops High Level Design (HLD) based on existing domain architecture standards and/or agreed upon deviations from enterprise architect(s) and domain architect(s).
• Develops detailed HLDs for firewall implementations, including rule structures, NAT/PAT design, routing integration, high-availability, and log management.
• Conducts design peer reviews with EA, DA, Service delivery Manager (for day 2 operations), security and other impacted teams.
• Oversees and approves Low Level Design (LLD) development by MSPs / 3rd party vendors and ensures that it aligns with the HLD and underlying intent, with specific attention to firewall-as-a-Service (FWaaS) models and cloud-native firewall solutions.
• Understands and facilitates the architectural review process (e.g., ARB) for discussions regarding the need to deviate from standards.
• Works collaboratively with the business engagement teams and service delivery personnel to ensure that technical solutions are cohesive and support the business needs while integrating all necessary solution components to effect the desired change.
• Serves as the primary client-facing technical solution resource to describe as necessary the solution components required to meet business objectives.
• Understands and follows corporate architectural guidelines, standards and policies (e.g., security, risk, HIPAA/PCI compliance , etc.).
• Provides oversight and approval of MSPs / 3rd party vendors testing plans and procedures in relation to validation of integrated system components.
• Facilitates interactions between MSPs / 3rd party vendors and internal service delivery team as necessary for technical support related to transition of changes into production.

Technical Leadership

• Recommends IT enterprise strategy and policy decisions for the organization to consider based on sound business and strategic rationale.
• Acts as the subject matter expert (SME) for all enterprise firewall technologies, guiding the long-term strategy and roadmap for network security architecture.
• Provides guidance and advice to the leadership team to support strategic decision-making.
• Recommends tools that are required to support the service tower/domain for monitoring and measurement of metrics and compliance with service levels, or user expectations.
• Evaluates trends and recommends business advantages for adopting emerging technologies to enterprise architect(s), domain architect(s) and service tower leadership, specifically in areas like Zero Trust Architecture (ZTA) and micro-segmentation.
• Stays abreast with technology trends and internal IT architecture standards.

Leadership/Interpersonal Skills

• Communicates and interacts effectively at various levels of the organization including senior leadership, business stakeholders and technical subject matter experts.
• Facilitates resolution of issues through creative solutioning, open exchange of information and viewpoints and influence; uses negotiation skills when appropriate.
• Writes clearly and succinctly in a variety of communication settings and styles while tailoring the messaging based on audience.
• Builds trust and respect with key stakeholders and gains support for change.
• Demonstrates proactive behaviors and self-management techniques, including but not limited to, working efficiently, demonstrating adaptability and setting goals.
• Brings appropriate individuals together to accomplish business objectives; facilitate access to critical competencies; knows who to call/involve.
• Demonstrates "big picture thinking" and ability to see how individual parts interact and fit into the whole picture.
• Demonstrates ability to think outside the box to develop new ideas, concepts and solutions to meet new requirements, unarticulated needs or existing needs.

Required Qualifications (Firewall/Security Specific)

• Extensive, hands-on experience designing, implementing, and maintaining large-scale enterprise firewall environments.
• Deep expertise in at least two major firewall vendor platforms (e.g., Palo Alto Networks, Cisco FTD/ASA, Check Point, Fortinet) with preference for Palo Alto Networks .
• Demonstrated knowledge of Next-Generation Firewall (NGFW) capabilities, including application control, IPS/IDS, URL filtering, and SSL decryption.
• Strong understanding of network segmentation, Micro-segmentation, and Zero Trust principles.
• Proficiency in network routing protocols (BGP, OSPF) and their integration with firewall policies and VPN technologies (IPsec, SSL VPN).
• Experience with Cloud Firewall solutions in major cloud providers (AWS, Azure, Google Cloud Platform) is a strong asset.
• Familiarity with compliance frameworks relevant to healthcare (e.g., HIPAA, HITECH ) and their impact on network security design.
• Certification such as Palo Alto Networks Certified Network Security

Requirements

Education:

• High School diploma equivalency with 3 years of cumulative experience OR Associate'
  
  degree/Bachelor's degree with 2 years of cumulative experience OR 7 years of applicable cumulative job specific experience required.
• 3 years of leadership or management experience preferred.

Additional Preferences

#at #ascension #LI-REMOTE

Why Join Our Team

When you join Ascension, you join a team of over 134,000 individuals across the country committed to a Mission of serving others and providing compassionate, personalized care to all. Our inclusive culture, continuing education programs, career coaches and benefit offerings are just a few of the resources and tools that team members can use to create a rewarding career path. In fact, Ascension spent nearly $46 million in tuition assistance alone to support associate growth and development. If you are looking for a career where you can grow and make a difference in your community, we invite you to join our team today.

Equal Employment Opportunity Employer

Ascension provides Equal Employment Opportunities (EEO) to all associates and applicants for employment without regard to race, color, religion, sex/gender, sexual orientation, gender identity or expression, pregnancy, childbirth, and related medical conditions, lactation, breastfeeding, national origin, citizenship, age, disability, genetic information, veteran status, marital status, all as defined by applicable law, and any other legally protected status or characteristic in accordance with applicable federal, state and local laws.

For further information, view the EEO Know Your Rights (English) poster or EEO Know Your Rights (Spanish) poster.

As a military friendly organization, Ascension promotes career flexibility and offers many benefits to help support the well-being of our military families, spouses, veterans and reservists. Our associates are empowered to apply their military experience and unique perspective to their civilian career with Ascension.

Pay Non-Discrimination Notice

Please note that Ascension will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Ascension will not solicit money or banking information from applicants.

E-Verify Statement

This employer participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.

E-Verify

Responsibilities

Technical Architect - Network (Firewall Focus)

is to integrate firewall-specific responsibilities, skills, and experience directly into the existing framework, especially within the Functional Responsibilities and a new Required Qualifications sec

Ascension Health - Full-Time Remote Position

At Ascension, our technology teams drive impact through reimagining how we deliver a people-centered healthcare experience and creating the solutions to do it. We are hiring a Technical Architect - Network to join our growing organization, with a core focus on Firewall and network security solutions . This is a full-time remote position.

The Technical Architect strategically designs and implements technology solutions that meet business requirements that are fully aligned with enterprise and domain architecture guidelines. This individual is responsible for determining and selecting appropriate design patterns, leveraging pre-established domain architecture standards where possible, or proposing the need for new standards to meet business requirements. As a Technical Architect, you will provide technical leadership for assigned projects, with a strong emphasis on secure network segmentation and perimeter defense .

Functional Responsibilities:

Solution Ideation and Requirements Gathering

• Uses active listening techniques to clarify and articulate business needs.
• Collaborates with business partners to align service or product solutions with Ascension Technologies' capacity to deliver.
• Applies knowledge of the business strategy, goals, and processes to identify technology services that can address the business needs.
• Shapes business partner demand for IT services to more fully utilize the current service portfolio, when applicable.
• Facilitates comparisons between unique business partner requirements and available solutions in the existing service catalog.
• Engages enterprise architect(s) and domain architect(s) in order to understand potential alternatives (e.g., new design standards) to meet unique business requirements while complying with long-term architectural roadmaps.
• Specifically gathers and documents requirements for firewall configuration, security policy deployment, VPN connectivity, and network segmentation based on security and business needs.
• Assists with the development of cost estimates, business cases and TCO model.

Solution Design, Build and Deploy

• Uses technical knowledge to direct the design and build of the solution architecture, considering current technology platforms and standards, obsolescent solutions and emerging technologies.
• Understands methods and practices for solution development in order to support holistic technical requirements for the solution, inclusive of configuration, security, and quality with Managed Service Providers (MSPs) and/or 3rd party vendors.
• Retains knowledge of prior solution deployments and lessons learned to effectively recommend appropriate design and build solutions.
• Develops High Level Design (HLD) based on existing domain architecture standards and/or agreed upon deviations from enterprise architect(s) and domain architect(s).
• Develops detailed HLDs for firewall implementations, including rule structures, NAT/PAT design, routing integration, high-availability, and log management.
• Conducts design peer reviews with EA, DA, Service delivery Manager (for day 2 operations), security and other impacted teams.
• Oversees and approves Low Level Design (LLD) development by MSPs / 3rd party vendors and ensures that it aligns with the HLD and underlying intent, with specific attention to firewall-as-a-Service (FWaaS) models and cloud-native firewall solutions.
• Understands and facilitates the architectural review process (e.g., ARB) for discussions regarding the need to deviate from standards.
• Works collaboratively with the business engagement teams and service delivery personnel to ensure that technical solutions are cohesive and support the business needs while integrating all necessary solution components to effect the desired change.
• Serves as the primary client-facing technical solution resource to describe as necessary the solution components required to meet business objectives.
• Understands and follows corporate architectural guidelines, standards and policies (e.g., security, risk, HIPAA/PCI compliance , etc.).
• Provides oversight and approval of MSPs / 3rd party vendors testing plans and procedures in relation to validation of integrated system components.
• Facilitates interactions between MSPs / 3rd party vendors and internal service delivery team as necessary for technical support related to transition of changes into production.

Technical Leadership

• Recommends IT enterprise strategy and policy decisions for the organization to consider based on sound business and strategic rationale.
• Acts as the subject matter expert (SME) for all enterprise firewall technologies, guiding the long-term strategy and roadmap for network security architecture.
• Provides guidance and advice to the leadership team to support strategic decision-making.
• Recommends tools that are required to support the service tower/domain for monitoring and measurement of metrics and compliance with service levels, or user expectations.
• Evaluates trends and recommends business advantages for adopting emerging technologies to enterprise architect(s), domain architect(s) and service tower leadership, specifically in areas like Zero Trust Architecture (ZTA) and micro-segmentation.
• Stays abreast with technology trends and internal IT architecture standards.

Leadership/Interpersonal Skills

• Communicates and interacts effectively at various levels of the organization including senior leadership, business stakeholders and technical subject matter experts.
• Facilitates resolution of issues through creative solutioning, open exchange of information and viewpoints and influence; uses negotiation skills when appropriate.
• Writes clearly and succinctly in a variety of communication settings and styles while tailoring the messaging based on audience.
• Builds trust and respect with key stakeholders and gains support for change.
• Demonstrates proactive behaviors and self-management techniques, including but not limited to, working efficiently, demonstrating adaptability and setting goals.
• Brings appropriate individuals together to accomplish business objectives; facilitate access to critical competencies; knows who to call/involve.
• Demonstrates "big picture thinking" and ability to see how individual parts interact and fit into the whole picture.
• Demonstrates ability to think outside the box to develop new ideas, concepts and solutions to meet new requirements, unarticulated needs or existing needs.

Required Qualifications (Firewall/Security Specific)

• Extensive, hands-on experience designing, implementing, and maintaining large-scale enterprise firewall environments.
• Deep expertise in at least two major firewall vendor platforms (e.g., Palo Alto Networks, Cisco FTD/ASA, Check Point, Fortinet) with preference for Palo Alto Networks .
• Demonstrated knowledge of Next-Generation Firewall (NGFW) capabilities, including application control, IPS/IDS, URL filtering, and SSL decryption.
• Strong understanding of network segmentation, Micro-segmentation, and Zero Trust principles.
• Proficiency in network routing protocols (BGP, OSPF) and their integration with firewall policies and VPN technologies (IPsec, SSL VPN).
• Experience with Cloud Firewall solutions in major cloud providers (AWS, Azure, Google Cloud Platform) is a strong asset.
• Familiarity with compliance frameworks relevant to healthcare (e.g., HIPAA, HITECH ) and their impact on network security design.
• Certification such as Palo Alto Networks Certified Network Security

Qualifications

Education:

• High School diploma equivalency with 3 years of cumulative experience OR Associate'
  
  degree/Bachelor's degree with 2 years of cumulative experience OR 7 years of applicable cumulative job specific experience required.
• 3 years of leadership or management experience preferred.