Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Network & Security Architect

Celestica International LP

Req ID: 137432 
Region: Americas 
Country: USA 
State/Province: Texas 
City:  Richardson 

Summary

We are seeking a highly experienced and meticulous Lead Network & Security Architect to join the IT Support team for the Hardware Platform Solutions (HPS) group. In this role, you will take ownership of our global Research and Development Lab (RDL) reference architecture and drive its deployment, management, and scaling across all current and future HPS Design Centers (including Silicon Valley, Richardson, Thailand, and other global hubs).

The successful candidate will be responsible for implementing and maintaining a completely isolated, air-gapped network environment that operates independently of standard corporate IT networks. You will manage complex secure access paths, isolated VLAN provisioning, private full-mesh SD-WAN overlays, and a multi-tiered global data package replication and distribution system. You will also serve as the key enablement architect, helping project teams quickly spin up new project-specific instantiations of the RDL network model while adhering to strict security constraints.

Core Responsibilities

1. Architectural Implementation & Governance

  • Deploy Reference Architecture: Standardize and implement the RDL reference design across all global HPS design locations (San Jose, Richardson, Thailand, Shanghai, SongShan Lake, Penang, Chennai and future locations).
  • Support New Instantiations: Act as the primary technical design authority to spin up new RDL network instances (allocating subnets, configuring dedicated VLANs, establishing local jump hosts, and defining user authentication parameters) for upcoming HPS design projects.
  • Strict Constraint Enforcement: Maintain absolute isolation of the RDL environments. Ensure zero direct or indirect public internet connectivity and guarantee that out-of-scope systems or agents (e.g., CrowdStrike, Threat Locker, Big Fix, ServiceNow Agents, ClearPass NAC, and Windows Domain joins) are strictly excluded from the lab network.

2. Network Infrastructure & Security

  • SD-WAN & Routing: Design, configure, and maintain the private, full-mesh SD-WAN overlay connecting global RDL sites.
  • Secure Firewalling: Configure and administer enterprise-grade firewalls (Checkpoint 3980) protecting the perimeter of each localized lab, defining strict ingress/egress filtering rules.
  • Switching & Segmentation: Manage core and access layer switches (Cisco Catalyst 9400/9200 series, Celestica DS2000, ES1500 switches) to segment the RDL into logical, multi-tenant VLAN environments—specifically separating Export Controlled and Non-Export Controlled network zones.

3. Identity and Remote Access Management

  • Remote Customer Access: Oversee the implementation and administration of CyberArk vPAM (Virtual Privileged Access Management) for remote customer connections.
  • Corporate Remote Access: Configure and maintain Zscaler ZTNA (Zero Trust Network Access) and App Connectors to terminate connections securely on Linux-based local jump hosts.
  • Decentralized Authentication: Design and maintain a secure user management protocol on jump hosts and local RDL nodes. As the RDL operates without Windows Active Directory, you will define standard operating procedures for the manual/programmatic creation of local system accounts and localized role-based access control (RBAC).

4. Secure Data Package Management & DevOps Repo Architecture

  • Repository Architecture: Maintain the multi-tier secure data distribution system:
    • IT Repository Server: Internet-facing ingestion nodes (running on Hyper-V/Dell PowerEdge) to securely pull packages, drivers, and applications.
    • Global Repository Server: The middle-layer relay that acts as a secure, scanned transit point between the corporate IT network and the isolated RDL network.
    • RDL Local Repository Server: Localized instances inside the labs that pull from the Global Repo and host files locally over at /var/
  • Workflow Automation: Ensure seamless, secure, programmatically validated transfer of "transfer bundles" containing operating system packages (Rocky, Ubuntu, CentOS, etc.) across the air gap.
  • Security Scans & Compliance: Coordinate with corporate IT and security teams to execute periodic vulnerability scanning and patching of repository servers, ensuring all packages undergo integrity checks before reaching the inner RDL networks.

Knowledge/Skills/Competencies

Required Technical Skills

  • Hardware & OS Competencies: Hands-on experience with Checkpoint Firewalls (Checkpoint 3980 preferred), Cisco Catalyst 9400/9200 switches, and SilverPeak SD-WAN solutions.
  • Security & Identity Tools: Expert-level understanding of CyberArk (PVWM/vPAM) and Zscaler ZTNA/Zscaler App Connectors.
  • Virtualization & Systems: Solid administration experience in VMware vSphere Enterprise and/or Microsoft Hyper-V running on bare-metal systems (e.g., Dell PowerEdge R670).
  • Linux Administration: Strong proficiency with Linux environments (Rocky Linux, Ubuntu, CentOS) for jump host configuration and secure local web repository servers (Nginx/Apache).
  • Network Segmentation & Protocols: Expert in VLAN tagging, inter-VLAN routing, subnetting, IP address management (IPAM), and secure file transfer protocols.
  • Automated Data Pipelines: Familiarity with script-based file synchronization and automated extraction/integrity validation mechanisms (e.g., hashing, checksums) for software deployment across isolated boundaries.

Strongly Preferred Certifications

  • Checkpoint Certified Security Expert (CCSE) or Master (CCSM)
  • Cisco Certified Network Professional (CCNP) - Enterprise or Security
  • CyberArk Certified Defender or Sentry
  • Certified Information Systems Security Professional (CISSP)

Soft Skills & Working Style

  • Detailed Documentation: Proven track record of generating flawless High-Level Designs (HLD) and Low-Level Designs (LLD), block diagrams, and standard operating procedures (SOPs).
  • Strategic Problem Solver: Comfortable working around strict operational boundaries where typical modern agents and automated tools are banned for security compliance.
  • Cross-functional Partner: Ability to collaborate closely with HPS Design Engineers, Project Managers, Corporate IT Security, and external Customers.
  • Financial Stewardship: Ability to work closely with procurement to specify, justify, and size bill of materials (BOM) for both upgrading existing sites and provisioning new infrastructure.

Physical Demands

  • Duties of this position are performed in a normal office environment.
  • Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.

Typical Education and Experience

  • Bachelor’s degree in Network Engineering, Computer Science, Cybersecurity, or a related technical field.

  • Minimum of 8+ years of experience in network architecture, with a heavy emphasis on securing air-gapped or highly isolated enterprise environments.

Notes

This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.

Celestica is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws. 
This policy applies to hiring, promotion, discharge, pay, fringe benefits, job training, classification, referral and other aspects of employment and also states that retaliation against a person who files a charge of discrimination, participates in a discrimination proceeding, or otherwise opposes an unlawful employment practice will not be tolerated. All information will be kept confidential according to EEO guidelines.
Celestica is an E-Verify employer.

COMPANY OVERVIEW:

Celestica, Inc. (NYSE: CLS; TSX: CLS) is a technology leader dedicated to driving customer success and market advancements. With deep expertise in design, engineering, manufacturing, supply chain, and platform solutions, Celestica enables critical data center infrastructure for AI, cloud, and hybrid cloud and advances technologies in high-growth markets. With a talented team and a strategic global network, Celestica helps its customers achieve competitive advantages.

Today, Celestica delivers innovative supply chain solutions globally to customers in strategic two operating and reporting segments:  Advanced Technology Solutions (ATS) and Connectivity and Cloud Solutions (CC):

ATS: This segment serves customers in complex, regulated and high-reliability markets such as Industrial & Smart Energy, Aerospace & Defense, Semiconductor Capital Equipment, and HealthTech. It is engineering led, with deep expertise in design, manufacturing and lifecycle solutions.

CCS: This segment focuses on high-performance technology solutions and services for the data center, serving hyperscalers, digital native customers and enterprises. Celestica's Platform Solutions offering provides innovative and customizable computing, storage and networking solutions enabling AI-driven growth.

Built on a legacy of trust and performance, Celestica has earned its reputation by delivering results in complex and fast-changing markets. Celestica exceeds customer expectations by identifying trends and staying ahead of the curve. Backed by comprehensive capabilities and a global network across North America, Europe and Asia, Celestica helps customers gain competitive advantage with the quality, flexibility and resiliency they need to respond quickly to shifts in demand. Guided by a bold vision to accelerate market advancements, Celestica delivers innovative solutions and technologies that turn complexity into opportunity. Anchored in teamwork and commitment, Celestica strives to be the most trusted partner to its customers and colleagues worldwide.

Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.

Vacancy posted 25 days ago
Similar jobs that could be interesting for youBased on the Lead Network & Security Architect in Richardson, TX vacancy
  •  ...Senior Network Security Architect Date: General Overview Functional Area: Information Technology (ITM) Career Stream: IT Risk & Compliance (RAC) Role: Senior Technical Lead (SRT) Job Title: Senior Technical Lead, Information Security Job Code: SRT-ITM-SECR Job Level: Level... 
    Suggested
    Work at office
    Night shift

    Celestica

    Richardson, TX
    20 hours ago
  •  ..., design, and implementation of global network security solutions. This role reports into the Corporate...  ...not limited to, the following: Architects, designs, and oversees the deployment...  ...Zscaler Zero Trust implementations. Leads the product selection process for new... 
    Suggested
    Work at office
    Night shift

    Celestica

    Richardson, TX
    3 days ago
  • $90 per hour

     ...Title: Cyber Security Architect Location: Dallas, TX Client: HCL Client Job ID:...  ...Overview As a Level 4 Senior Network Security Consultant you will oversee and...  ...access control and segmentation. Lead incident response efforts related to network... 
    Suggested

    Diamondpick

    Dallas, TX
    8 hours ago
  •  ...Cybersecurity Network Security Manager Strong knowledge of network security protocols, endpoint security, and data security architectures...  ...Maintain and optimize Cisco ISE for network access control. Lead incident response efforts related to network security threats.... 
    Suggested

    Cynet Systems

    Dallas, TX
    1 day ago
  •  ...Cyber Security Architect Position: Cyber Security Architect Location: Hybrid in any of the following: Boston (MA), Holmdel (NJ), Dallas...  ...REST APIs, microservices design. • Experience in private network connectivity using Express Routes, Direct Connect, etc. •... 
    Suggested
    Work experience placement

    Software Technology Inc

    Dallas, TX
    2 days ago
  •  ...online store, Rexel USA has a distribution network of over 460 warehouse storefront...  ...We are looking for a Senior Network Architect to join our Rexel team in Dallas, TX! (Hybrid...  ...is cost-effective, scalable, resilient, secure, and operationally ready. This will include... 
    Full time
    Contract work
    Temporary work
    For contractors
    Work at office
    Local area
    Flexible hours

    Rexel USA

    Dallas, TX
    2 days ago
  •  ...Summary We are looking for a Senior Network Architect with deep expertise in enterprise and data...  ...requires solid experience in network security using Cisco FTD (Firepower) and Palo...  ...zones, and hybrid networking). You will lead end-to-end network architecture,... 
    Remote work

    Diverse Lynx

    Dallas, TX
    2 days ago
  • $122.4k - $228k

     ...Crescent Court Job Family Group: Technology Lead the design and maturity of end-to-end cloud security across multi-cloud environments (AWS, Azure, GCP),...  ...- encryption, key management, data protection Network Security - segmentation, private access, WAF, DDoS... 
    Contract work
    Part time
    Local area
    Immediate start

    Bank of Montreal

    Dallas, TX
    3 days ago
  •  ...level managerial leadership position. A Team Lead is expected to possess in-depth knowledge...  ...a focus on spatial analysis, mapping and network analysis to join our team of passionate...  ...projects where performance, scalability, security, and reliability are critical. You will... 
    Currently hiring
    Local area
    Remote work

    Tyler Technologies

    Plano, TX
    4 days ago
  •  ...impact in a dynamic environment designed for top achievers. Lead Cybersecurity Architect – JPMorgan Wealth Management As a Lead Cybersecurity...  ...Collaborates with cross‑functional teams to deliver scalable, secure, and resilient solutions. Ensures alignment of architecture... 
    For contractors

    Alamo ACE

    Plano, TX
    4 days ago
  •  ...Cyber Security Architect/Security Operations Architect We are looking for a Cyber Security Architect/Security Operations Architect. Please let me know if interested. Location: Houston, TX or Plano, TX (Houston preferred) Looking for nearby candidates W2 Contract... 
    Contract work

    Syntricate Technologies

    Plano, TX
    1 day ago
  • $131.25k - $201.25k

     ...As a technical leader of Product Security architecture for Dematic you will be critical...  ...engineer and 5+ years in a security engineer/architect role. ~ Extensive experience working...  ...~ Experience successfully mentoring and leading technical staff and small teams. ~... 
    Local area

    Dematic

    Plano, TX
    3 days ago
  •  ...technical knowledge SDWAN and Software Defined Networks like Cisco ACI or NSX. Key Skills to...  .... Experience in Engineering / Architect role in Network space Technical troubleshootings...  ...service manager about usage, trends, security requirements. Planning and Overseeing... 
    Work at office
    Shift work

    Omni Inclusive

    Plano, TX
    4 days ago
  • $83.54k - $137.24k

     ...The IT Security Engineer position is responsible for maintaining security operations and troubleshooting escalations from Service Desk...  ...on experience with a variety of firewall and security products Network and security troubleshooting experience Experience with network... 
    Temporary work
    Local area

    Optimum Corp

    Plano, TX
    3 days ago
  • $53 - $60 per hour

     ...Akkodis is seeking a Network Security Engineer for a Contract with a client in Plano, TX. The ideal candidate will be responsible for designing, implementing, and maintaining secure network infrastructure while ensuring high availability and performance of enterprise... 
    Hourly pay
    Contract work
    Temporary work
    Local area

    Akkodis

    Plano, TX
    20 hours ago
  •  ...Network Security Engineer Network Security Engineer Must Have Technical/Functional Skills: Network Protocols: TCP/IP, UDP, BGP, OSPF, EIGRP, MPLS, ISIS Layer 4 (Transport Layer): TCP, UDP, SSL termination (TLS offload) Layer 7 (Application Layer): WebSocket... 

    Diverse Lynx

    Plano, TX
    2 days ago
  •  ...Cyber Security Threat Management Specialist Serve as a technical subject matter expert to the Threat Management Team within Vanguard...  ...exfiltration techniques. Primarily responsible for managing the network data loss prevention (nDLP) platform. Develop custom rules or... 
    Work experience placement
    Shift work
    Night shift
    Weekend work
    Day shift

    Samprasoft

    Plano, TX
    3 days ago
  •  ...Enterprise Architect As an Enterprise Architect for State & Local Public Sector industry...  ...requirements. Develop scalable, secure, and highly available cloud solutions....  ...practices. ~ Strong understanding of networking, security, and infrastructure components... 
    Work experience placement
    Local area

    Compugain

    Dallas, TX
    3 days ago
  •  ...that people didn't even know could be possible. The Senior Security Engineer for Stellus Rx will be a key member of our Technology...  ...across AWS and multi-cloud environments. Apply knowledge of network-based, system-level, and application-layer attacks and... 
    Work experience placement

    Stellus RX

    Plano, TX
    28 days ago
  •  ...professionals for this role. Sr. Network Infrastructure Architect Vanguard’s Global Technology Office...  ...partnering with platform engineering, security, operations, and enterprise...  ...across multi-platform environments. Leads the development and evolution of enterprise... 
    Work at office

    Vanguard

    Dallas, TX
    11 days ago
  •  ...Texas Physical Therapy License Required Therapy Team Leader Career Opportunity Are you a licensed clinician ready to lead while continuing to provide hands-on patient care? As a Therapy Team Leader, you balance clinical excellence with team leadership-helping... 
    Full time
    Part time
    Flexible hours

    Encompass Health Rehabilitation Hospital of Dallas

    Plano, TX
    10 hours ago
  • $142.4k - $213.6k

     ...Schneider Electric has an opportunity for a Lead Solution Architect in our Boston office or one of our other Hub Locations....  ...if: IT Windows / Cloud Environments (Azure) / Networking / Cyber Security OT OPC / Modbus / OT Cyber / OT Networks Experience... 
    Full time
    Temporary work
    Work at office
    Flexible hours

    Schneider Electric

    Dallas, TX
    1 day ago
  •  ...Cyber Security Architect Dallas TX need to have Public trust clearance We are seeking an experienced Cyber Security Architect to lead the design and implementation of robust security solutions across AWS and on-prem datacenter environments.... 

    Futran Tech Solutions Pvt. Ltd.

    Dallas, TX
    2 days ago
  •  ...A leading technology firm in Dallas is looking for an HPC Security Solutions Architect to design and integrate security architectures. You will ensure that HPC environments are secure by design, work with various teams, and engage clients on security requirements. Ideal... 

    NMC2

    Dallas, TX
    20 hours ago
  •  ...across borders, emphasizing excellence, adaptability, and long-term value creation. About the role We are looking for a Program Lead to act as a strategic anchor for a major global transformation initiative operating across distributed teams, leadership... 
    Remote work
    Flexible hours

    Moro Tech

    Plano, TX
    27 days ago
  •  ...Senior Network Architect Location: Dallas, TX (Onsite) Visa: (USC/ GC only) Responsibilities • Develop recommendations that involve engineering development, integration, and interface design analysis, installation, fielding and field analysis, operation, maintenance... 
    Local area

    Georgia IT Inc

    Dallas, TX
    8 hours ago
  •  ...overlay technologies such as OpenFlow based network deployments a plus. • Strong experience...  ...equipment for a minimum of 5 years (architecting or designing network solutions). Must have...  ...emerging wireless technologies and BYOD/security strategies. • Must have thorough... 
    Weekend work

    Yochana

    Dallas, TX
    2 days ago
  • $179.4k - $204.7k

     ...Lead Cyber Cryptographic Engineer As a Cyber Cryptographic Engineer at Capital One, you will play a critical role in securing our cloud platforms and applications. You will specialize in cryptographic...  ...deployment of software-defined networking, advanced security controls, and... 
    Full time
    Part time
    H1b
    Local area
    Flexible hours

    Capital One

    Plano, TX
    2 days ago
  • $150.16k

     ...change the world. Job Description CDM Smith is seeking a Lead Enterprise Architect to join our Corporate Business Technology team. In this...  ...business and technology stakeholders to deliver scalable, secure, and integrated solutions across the enterprise application... 
    H1b
    Remote work

    CDM Smith

    Dallas, TX
    2 days ago
  •  ...Certified Design Expert (CCDE) Juniper Networks Certified Expert (JNCIE) VMware NSX...  ..., VoIP & Unified Communications, Security-Focused Network Design, Technical Leadership...  ...needs Proven experience working with leading network vendors and platforms, and the... 

    VBeyond

    Dallas, TX
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Network & Security Architect. Be the first to apply!