Lead Security Architect

About The Position

Requirements

• Bachelor’s degree or four or more years of work experience.
• Eight or more years of relevant experience required, demonstrated through one or a combination of work and/or military experience, or specialized training.
• Six or more years of experience in enterprise network implementation, testing, and data center operations.
• Six or more years of experience in enterprise network architecture and security design.

Nice To Haves

• Prior experience leading complex application migrations and data center consolidation projects.
• Experience building fault-tolerant architectures and micro-segmentation within Zero Trust (SASE/SSE) frameworks.
• Deep expertise in Next-Gen Firewalls (NGFW), proxies, VPNs, and IAM, specifically regarding management traffic security.
• Hands-on experience using Python and Ansible to automate configuration migrations and infrastructure scaling.
• Technical proficiency with enterprise logging and monitoring tools (e.g., Splunk, Zabbix, SevOne).
• Strong understanding of operating systems (Linux/Windows) and how they interact with network infrastructure.
• Strong alignment with NIST, ISO 27001, and CIS benchmarks across cloud-native and hybrid environments.
• Certifications like: CISSP, CCSP, CCIE Security or related SASE certifications.

Responsibilities

• Supporting daily operations, including internal/external stakeholder engagement and dotted-line leadership.
• Developing the enterprise-wide Zero Trust Network Access (ZTNA) and micro-segmentation architecture for new separate, secure data center zones
• Defining migration standards and best practices, ensuring that moved systems maintain high availability and performance.
• Developing implementation plans and migration strategies that allow for the secure movement of network tools into new zones with minimal disruption.
• Overseeing proof-of-concepts (PoCs) and pilot projects to validate Zero Trust solutions and micro-segmentation capabilities; this includes the Hempstead lab to validate migration procedures before production execution.
• Leading architectural strategy for global network transformations, specializing in edge security and data center isolation; this includes ensuring infrastructure resiliency through robust Out-of-Band management tooling and providing cross-continental technical leadership (US/India) during critical maintenance operations.
• Scripting to automate and streamline repetitive configuration tasks and enhance the scalability of network infrastructure.
• Ensuring design implementations across internal network segments include firewalls, proxies, Identity & Access Management (IAM) and other security policies.
• Evaluating and recommending security vendors and technologies, such as Firewalls, Proxies, and CASBs, to ensure they meet enterprise requirements.
• Building Low Level Design (LLD) diagrams that clearly outline security boundaries and communicate these goals to implementation teams.
• Collaborating with security, networking, and cloud teams to integrate identity-based security policies that protect management systems and tools.
• Defining technical standards, roadmaps, and best practices for secure network deployment, ensuring scalability and performance for tens of thousands of users.
• Partnering with IT leadership and the Enterprise Security Architect team to align network security strategies with digital transformation goals.
• Assisting with internal audit reviews. This includes producing and presenting artifacts and executive summaries to support the overall team’s mission.
• Providing technical leadership and mentorship to the engineering team, keeping them abreast of emerging vulnerabilities and exploits.
• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvements.

Benefits

• medical
• dental
• vision
• short and long term disability
• basic life insurance
• supplemental life insurance
• AD&D insurance
• identity theft protection
• pet insurance
• group home & auto insurance
• matched 401(k) savings plan
• up to 8 company paid holidays per year
• up to 6 personal days per year
• paid parental leave
• adoption assistance
• tuition assistance
• premium pay such as overtime, shift differential, holiday pay, allowances
• up to 15 days of vacation per year