As part of System Architecture group, the Cybersecurity System Architect will define the end-to-end architecture of advanced network security services, such as intrusion prevention systems (IPS), and host-based intrusion detection systems (HIDS) and firewalling. This role is at the forefront of integrating deep security intelligence into high-performance, scalable network operating systems and telecom-grade platforms.
As part of R&D core function, shaping next-generation secure network infrastructure by embedding deep packet inspection, behavioral analytics, and threat mitigation into the product architecture.
Responsibilities
1. Architecture of Integrated Security Services
Define and lead the system architecture for L3-L7 firewalling, stateful inspection, policy enforcement, and application-aware filtering.
Architect integration of IPS, DPI, signature- and anomaly-based detection, and evasion-resilient detection engines into control and data plane systems.
Specify how HIDS capabilities will be embedded or interfaced with NOS components for detecting host-based anomalies and compromise indicators.
2. Threat Detection & Prevention Frameworks
Design scalable architectures that support high-speed signature matching, traffic heuristics, and flow analysis under real-world traffic conditions.
Define mechanisms for rule updates, threat intelligence feeds, and integration of ML-based detection algorithms.
Architect policy engines for complex rule matching, including user-defined policy trees and hierarchical control structures.
3. Secure System Integration
Lead system-level threat modeling and security design reviews across platform, OS, and networking protocol layers.
Define secure communication paths, trust boundaries, and cryptographic protections for sensitive metadata, logs, and update mechanisms.
Ensure proper isolation and sandboxing of inspection/control modules, especially in multi-tenant or containerized environments.
4. Performance and Resilience Considerations
Design architectures to meet line-rate security enforcement, ensuring minimal latency overhead while preserving packet integrity.
Align with the HW Architecture for performance optimized flow offload strategies (e.g. hardware-assisted DPI).
Requirements: Education:
B.Sc. or M.Sc. in Computer Engineering, Electrical Engineering, or Computer Science.
Cybersecurity specialization or relevant certifications
Deep knowledge of:
IPS/HIDS principles: signature vs. anomaly detection, behavior monitoring, evasion techniques.
L4-L7 inspection: application identification, protocol normalization, encrypted traffic analysis (SSL/TLS).
Firewall architectures: stateless/stateful packet filtering, next-gen firewalling, policy-based routing.
Strong background in:
Network protocols (TCP/IP stack, DNS, HTTP/S, TLS, IPsec, BGP) and related vulnerabilities.
DPI engines, pattern matching algorithms, threat scoring frameworks.
Experience
4+ years of experience in R&D or system architecture for networking and security products.
Soft Skills
Systemic, detail-oriented thinker with strong threat modeling and architecture documentation skills.
Strong cross-team communication and leadership in an R&D matrix environment.
Proactive mindset towards emerging threats, performance bottlenecks, and usability tradeoffs in secure systems.
This position is open to all candidates.