Network Security Architect

The Network Security Architect will own and drive the vision, design, and implementation of a global network segmentation strategy for Crown's large-scale corporate environment, helping transform current infrastructure into a mature, zero-trust based architecture to significantly reduce the attack surface across the corporate IT, OT, data center and cloud networks.

They will work to continuously improve network related security across Crown by identifying issues and opportunities, assessing risk and defining solutions. Partnering closely with Regional IT teams and the rest of the Global Security Team, they will implement and maintain global network related security solutions and ensure all networks and regional network security and remote access solutions are configured securely and meet current and future requirements and align with Crown standards., Strategy and Architecture Design (50%):

• Design, document, and lead the implementation of a comprehensive global network segmentation roadmap.
• Define and document global security standards for wireless and wired networks, remote access, firewall/internet access solutions and public cloud based infrastructure.
• Oversee improvements to network related security and standards beyond segmentation, covering other areas such as Wireless, Wired, Remote Access, Firewalls, NAC and Internet Access solutions.
• Identify, assess and select global network security related solutions and changes that will improve Crown's cyber security posture all around the world.
• Produce highly detailed designs and plans to ensure new network security solutions and changes are robust, resilient and fit well into Crown's environment while minimising operational impact.

Implementation & Technical Leadership (40%):

• Serve as the lead technical subject matter expert (SME) throughout the implementation of new global network security solutions and changes, including defining standard processes and authoring detailed technical guides to allow smooth transition to an operational state.
• Function as a subject matter expert (SME) for Crown's global and regional network security solutions, helping ensure they are all managed and maintained to Crown and industry standards and meet current and future requirements.
• Proactively identify network security configuration issues across the enterprise and coordinate efficient remediation with minimal operational impact.

Stakeholder Collaboration and Consulting (10%):

• Assist with other projects and activities to ensure any network related components or changes are configured securely and in-line with Crown security standards.

Do you have experience in VPN?, Do you have a Bachelor's degree?, Crown seeks an experienced, driven network security architect to define strategy and standards and engineer resilient secure solutions across our global manufacturing environment., * 10+ years hands on experience in network engineering and architecture, with at least 3+ years specialising in large-scale network segmentation.

• 5+ years hands on experience implementing and managing industry leading network security solutions (NGFWs, NDR, SASE, CASB, WAF, NAC, ZTNA).
• Deep expertise in core networking technologies (SDWAN, MPLS, VPN, IPSec, VLANs etc).
• Detailed understanding of enterprise network transport protocols (TCP, UDP, ICMP, ARP), infrastructure protocols (DNS, DHCP, BGP, SNMP), common application protocols (SMB, RDP, HTTP, FTP etc) and security protocols (TLS/SSL, IPSec, SSH, SAML, OAuth etc).
• Proven history of identifying, assessing and remediating network related security risks/misconfigurations.
• Strong technical knowledge of a Microsoft based enterprise IT infrastructure.
• Experience as an architect or lead on large projects spanning multiple countries and cultures.
• Background of defining security standards and processes in large corporate IT environments.
• Working knowledge of Cyber Security frameworks/methodologies (such as NIST, ISO 27001, MITRE ATT&CK, Lockheed Martin Kill Chain etc).

Core Competencies:

• Strategic thinker to enable translation of complex business needs into secure technical, actionable plans.
• Quality driven, detail oriented with advanced problem solving and troubleshooting skills.
• Strong organizational and prioritization skills; consistently meets project deadlines.
• Excellent communication skills, translating technical concepts for all audiences and influencing technical stakeholders with evidence based recommendations.
• Collaborative and inclusive; works effectively across diverse teams, countries, and cultures.

Education & Certifications:

• Bachelor's degree in Information Systems, Computer Science, or equivalent experience.
• Preferred security certifications: CISM, CISSP, CCNA, CCNP or similar.
• Preferred vendor certfications: CCIE/CCNP, PCNSE/PCNSA, MS SC-100/AZ-700 or similar.
• TOGAF would also be desirable.

Crown Holdings, Inc. is a global leader in the design, manufacture, and sale of packaging products for consumer goods. At Crown, we are passionate about helping our customers build their brands and connect with consumers around the world. We do this by delivering innovative packaging that offers significant value for brand owners, retailers, and consumers alike. With operations in 47 countries employing over 33,000 people and net sales of over $11 billion, we are uniquely positioned to bring best practices in quality and manufacturing to our customers to drive their businesses locally and globally. Sustaining a leadership position requires us to build a team of highly talented, dedicated, and driven individuals., The Global Information Security Team's mission is "protect Crown's global information systems, data and employees from cyber-based security threats while ensuring the confidentiality, integrity and availability of information used by the Crown business units to produce world class sustainable packaging solutions to our customers". You will join a fun, cohesive and collaborative team who love what they do and are committed to creating a safe and secure environment for the Crown family. Our team is nimble, lean and have dynamic backgrounds that foster an environment of continuous learning and growth., Yardley, PA (USA) or Wantage (UK). This is an office-based position, and individuals are expected to be in the office daily. Crown offers a flexible work hour schedule.