Network Security Architect with experience in Firewall, F5, Zscaler, LAN, WAN

The Technical Solution Architect (TSA) provides end-to-end technical leadership for complex network-security deployments and migrations delivered by Prodapt into Vodafone business units. The TSA owns solution integrity from high-level architecture through to hand-over, acting as the single technical point of contact for Vodafone customers and for Prodapt's MES engineering squad. The role combines deep multi-domain engineering expertise (LAN, WAN, Firewalls, F5, Zscaler ZPA/ZIA, routing protocols such as BGP/OSPF) with exceptional soft skills, documentation discipline and change-management rigour.

Key Responsibilities:

Area

Core Expectations

Technical leadership

Own overall solution architecture and low-level designs (LLDs).
Validate and integrate component designs for LAN, Firewall, F5, WAN, VPN, ZPA/ZIA and related security controls.
Lead pre-migration readiness checks, cut-over planning and post-migration hyper-care.
Provide 24 / 7 escalation cover during migration windows when rostered.

Customer engagement

Function as the face of Prodapt to Vodafone stakeholders.
Run bi-weekly customer forums, status calls and design workshops.
Translate complex technical details into business-relevant language for non-technical audiences.
Proactively surface risks, options and recommendations.

Documentation & branding

Produce and maintain architecture decks, LLDs, change packs (ER/CR forms), rollback procedures and run-books.
Adhere to Vodafone document templates, style guides and branding (logo, colour palette, slide master).
Ensure every change record contains accurate commands/scripts - no copy-paste mismatches.

Process & governance

Drive full compliance with Vodafone change-management policy (from submission to PIR).
Keep trackers, RAID logs and SharePoint libraries current; update at least twice per week.
Uphold C3 confidentiality, seeking permission before sharing artefacts externally.

Collaboration with MES engineering

Brief Rob's LAN engineering team on design intent and acceptance criteria.
Review implementation artefacts (configs, Ansible/Terraform scripts, F5 iRules) for alignment with the LLD.
Mentor engineers on broader solution context and soft-skill best practices.

Continuous improvement

Feed lessons-learned into standard operating procedures and reference designs.
Champion automation and template-driven change documents to cut rework and errors.

Required Skills & Experience:

• Technical depth
• 8+years in network-security architecture or senior engineering across enterprise environments.
• Hands-on design/migration of at least two of the following at scale: Check Point R8x Firewalls, Cisco or Juniper LAN and WAN, F5 BIG-IP LTM/GTM/AFM, Zscaler ZIA & ZPA, SD-WAN.
• Strong routing fundamentals (BGP, OSPF, route maps, redistribution).
• Scripting or automation (Python, Ansible, Terraform) is desirable.
• Soft skills
• Proven ability to lead multi-vendor, multi-disciplinary teams.
• Confident facilitator-able to run workshops, present to senior stakeholders and manage challenging conversations.
• Proactive communicator: provides unsolicited progress updates, raises blockers early, documents decisions promptly.
• Documentation & tooling
• Expertise with Visio or draw.io for architecture diagrams; PowerPoint for executive decks; Word/Confluence for LLDs.
• Familiarity with Vodafone change tools (ServiceNow, Remedy) and SharePoint governance.
• Qualifications (any two preferred)
• CCNP/CCIE Enterprise or Security, JNCIP/JNCIE, F5 CTS, Check Point CCSE, Zscaler ZCCA-IA/ZCCA-IAE, TOGAF, ITILv4.