Role: Network Security Architect / Lead - Palo Alto (Cisco Data, Meraki & DNA)
Location: San Diego, CA (on-site)
Role Overview
The Network Security Architect / Lead is responsible for end-to-end ownership of network security architecture, with Palo Alto Networks as the primary security platform.
The role also requires solid working knowledge of enterprise network data infrastructure, including Cisco switches, Meraki wireless, and Cisco DNA Center, to ensure security designs are fully integrated with campus, branch, and data center networks.
This role provides technical leadership, architectural governance, and hands-on guidance to engineering teams while working closely with security, network, cloud, and operations stakeholders.
Key Responsibilities
1. Network Security Architecture & Leadership (Primary)
- Act as the technical authority for enterprise network security architecture
- Design, standardize, and maintain Palo Alto NGFW architectures, including:
  - Zones and segmentation
  - Security and NAT policy design
  - IPS/IDS, threat prevention, URL filtering, and decryption
  - Remote access and site-to-site VPNs
- Lead Panorama architecture and governance (templates, device groups, standards)
- Review and approve firewall changes, designs, and security exceptions
- Guide firewall migrations, upgrades, and modernization initiatives
- Ensure adherence to security best practices and regulatory frameworks (e.g., NIST, CIS)
2. Network Data Architecture: Cisco Switching (Secondary)
- Maintain strong architectural understanding of Cisco enterprise switching:
  - Core, distribution, and access layer design
  - VLANs, trunking, routing (OSPF/BGP/EIGRP), port channels
- Ensure secure integration between Cisco switching and Palo Alto firewalls
- Advise on segmentation, resiliency, and performance from a security-first perspective
- Support network design reviews where security and data networks intersect
3. Wireless & Campus Networking: Meraki / Cisco DNA
- Provide architectural oversight for Cisco Meraki Wi-Fi environments:
  - Wireless policies, segmentation, and access control
  - Dashboard governance and design standards
- Support and guide Cisco DNA Center deployments for:
  - Network automation and assurance
  - Visibility, telemetry, and compliance
- Ensure wireless and campus networks align with enterprise security strategy
4. Governance, Risk & Compliance
- Define and maintain security architecture standards, SOPs, and diagrams
- Support audits and compliance efforts (government / regulated environments)
- Translate technical security risks into clear business impact for leadership
- Review vendor solutions and provide architectural recommendations
5. Collaboration & Mentorship
- Work closely with:
  - Network engineering teams
  - Security operations and SOC teams
  - Cloud and infrastructure teams
- Mentor engineers and provide technical guidance
- Serve as escalation point for complex network security issues
Required Skills & Experience
Must Have (Primary)
- Strong hands-on and architectural experience with Palo Alto NGFW & Panorama
- Deep understanding of network security concepts and enterprise design
- Proven experience designing security for large enterprise or government environments
- Ability to lead technical discussions and make architecture decisions
Secondary / Supporting Skills
- Solid working knowledge of:
  - Cisco enterprise switching (Data networks)
  - Cisco Meraki wireless
  - Cisco DNA Center
- Understanding of how network data, wireless, and security architectures integrate
- Experience working with cross-functional infrastructure teams
Preferred / Nice to Have
- Exposure to Infoblox (DNS/DHCP/IPAM)
- Cloud networking/security experience (AWS / Azure)
- Familiarity with Zero Trust, SASE, or Prisma Access
- Experience in public sector, city, or regulated environments
Certifications (Preferred)
- PCNSE or PCNSA (Palo Alto Networks)
- CCNP / CCIE (Enterprise or Security)
- CISSP / CISM (strongly preferred for Architect/Lead roles)
Experience Level
- 10-15+ years overall network & security experience
- 5+ years in senior engineering, architect, or technical lead roles
Ideal Candidate Profile
- Thinks in architecture and risk, not just configurations
- Can explain complex security topics in simple, business-friendly language
- Comfortable leading design decisions and guiding teams
- Strong documentation and governance mindset