Threat Prevention Design Architect

  • Posted 2 hours ago | Updated 2 hours ago

Overview

Remote
$60 - $70
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

Proxy & Web Filtering (Skyhigh/McAfee)
Malware Prevention (Trellix/FireEye)
SASE (Zscaler/Palo Alto/Netskope)
Data Loss Prevention (DLP)
Network Security Design
TCP/IP & Packet Analysis
SSL Decryption & Cryptography
Cloud Security (AWS/Azure/GCP)
Infrastructure Automation (Ansible/Terraform)
Application & Network Architecture

Job Details

Job Title: Threat Prevention Design Architect
Location: Remote (USA)
Duration: 12 Months (Contract)
Start Date: ASAP

Job Summary:

We are seeking a Threat Prevention Design Architect with deep expertise in network security design, advanced threat protection, and architecture-level infrastructure planning. This role will lead global initiatives across the Threat Prevention space, working closely with both internal leadership and external vendors to drive next-gen infrastructure solutions.

Key Responsibilities:

  • Act as the Architecture Lead for enterprise-level Threat Prevention initiatives.

  • Design secure network connectivity incorporating malware prevention, DLP, forensic analysis, and content inspection systems.

  • Build and maintain strategic security roadmaps balancing business needs, end-user experience, and cost optimization.

  • Collaborate with senior management and business stakeholders to communicate technical planning and triage.

  • Provide expert-level technical consultation to peers and other support areas.

  • Develop and present application/network architecture diagrams and executive-level summaries.

Required Skills & Experience:

  • 10+ years of IT experience with a focus on network security and infrastructure architecture.

  • Senior-level expertise in one or more of the following:

    • Proxy (Skyhigh / McAfee preferred)

    • Malware (Trellix / FireEye preferred)

    • SASE (Netskope, Palo Alto, Zscaler preferred)

    • SSL Offload (F5 preferred)

    • DLP (Vontu preferred)

  • Deep knowledge of:

    • DNS, DHCP, Firewalls, Load Balancers, IPS, Routing/Switching

    • TCP/IP, Packet Capture & Analysis

  • Experience in Day Zero threat prevention, content filtering, and DLP systems.

  • Strong understanding of cryptography, SSL decryption/offload, HSM/HSMaaS.

  • Capability to translate complex architectures into executive-level presentations.

Desired Skills:

  • Experience with:

    • Broadcom / BlueCoat Proxy Security Gateways

    • Cloud security design across Azure, AWS, Google Cloud Platform, IBM Cloud

    • Virtualization platforms: VMware ESXi, vCenter, vSAN, vMotion

    • Automation & scripting tools: Ansible, Terraform, Python, APIs

    • Web technologies: HTML, Bootstrap, SQL, Apache

  • Understanding of:

    • Cloud encryption, tokenization (e.g., Salesforce/ServiceNow integration)

    • Machine learning, data modeling, advanced analytics

  • Exposure to:

    • CipherCloud, Zscaler, Radware, Websense, Ironport, Scansafe, Damballa

    • SIEM tools like Splunk, ArcSight

Additional Notes:

  • Open to fresh resumes with strong expertise in Cisco, Arista, BGP, and Data Center Network Design.

  • Ideal candidates will be hands-on design engineers who can work independently and contribute at a strategic and tactical level.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.