Senior Security Architect

Senior Security Architect

Key Responsibilities

1. Implementation, Operations & Support
2. Serve as the hands-on lead engineer for network deployment, upgrades, and incident response.
3. Configure and manage Cisco switches, routers, firewalls, WLCs, and wireless endpoints.
4. Design and manage VPNs, QoS, ACLs, network monitoring, and logging systems (SolarWinds, NetFlow, SNMP).
5. Act as the Level 4 escalation point for complex network issues and performance tuning.
6. Security, Compliance & Audit Readiness
7. Enforce network security controls aligned with CJIS, NIST, and department policy.
8. Implement and maintain firewall rulesets, NAC solutions (e.g., Cisco ISE), and endpoint access policies.
9. Support the cybersecurity team in incident detection, forensic analysis, and mitigation strategies.
10. Provide documentation and evidence for security audits and compliance reviews.
11. SME Leadership & Staff Development
12. Serve as the department s Subject Matter Expert (SME) on enterprise networking, guiding decisions across IT, public safety systems, and operations.
13. Train, coach, and mentor internal IT staff, including junior and mid-level network technicians.
14. Lead structured knowledge transfer sessions, hands-on training, and real-time coaching during support and implementation activities.
15. Create SOPs, how-to guides, and step-by-step documentation tailored for ongoing use by internal staff.
16. Support staff in preparation for certification paths (e.g., CCNA/CCNP) if desired.
17. Required Qualifications
18. 10+ years of enterprise network security and engineering experience.
19. Extensive experience designing and managing Cisco-based network environments, including:
20. Palo Alto Panorama, Firewalls
21. Cisco ASA, Firepower/FTD firewalls

iii. Cisco Catalyst, Nexus, ISR/ASR

1. Cisco ISE, AnyConnect, VPN solutions
2. Routing protocols: OSPF, BGP, EIGRP
3. Wireless networks: WLCs, Aironet/Meraki
4. Deep understanding of public safety network requirements, including QoS for voice/video systems.
5. Hands-on experience integrating with Public Safety Applications and Systems.
6. Experience training or mentoring technical teams in enterprise environments.
7. Strong documentation and communication skills.

1. Preferred Qualifications
2. Prior experience working in law enforcement, government, or public safety IT environments.
3. Familiarity with CJIS, NIST, FedRAMP, or state compliance frameworks.
4. Certifications (preferred):
5. Cisco Certified Network Professional (CCNP) Required
6. Cisco Certified Internetwork Expert (CCIE) Security Preferred

iii. Cisco Certified Specialist Security or Wireless Bonus

1. CISSP, Fortinet NSE, Aruba, or other relevant credentials Bonus
2. Engagement Details
3. Location: 100% On-Site
4. Work Hours: 40 hours per week; overtime, weekends, and after-hours support required as needed
5. Travel: Local travel to agency locations may be required
6. Equipment: Department-issued laptop/tools
7. Security Requirement: Must pass the department background check

Experience: Minimum 10-12 years (the more experience the better)

Certifications:

CCNP preferred, but experience outweighs certs

Palo Alto certifications prioritized, but experience outweighs certs

Technology Stack:

Palo Alto Panorama

Palo Alto Cortex EDR

Palo Alto Cortex XSOAR

Palo Alto Prisma Cloud Service

Palo Alto NGFW

CyberArk

Cisco ISE

AWS, Azure

Azure Entra ID

ServiceNow

Tenable Vulnerability Management

Terraform

Microsoft O365

Notes:

Palo Alto (60% priority)

SIEM/XOR (10%)

Other cybersecurity tools (20-30%)

CyberArk is a bonus

Soft Skills:

Architecture

Strategic vision + hands-on capability

Comfortable managing a team (8 12 people)