Senior Security Architect - 100% Onsite- Holders

Great long term contract opportunity for a Senior Security Architect. This position is 100% onsite.

RESPONSIBILITIES:

Security, Compliance, and Audit Readiness

• Enforce network security controls aligned with National Institute of Standards and Technology ( NIST ), and department policy.
• Implement and maintain firewall rulesets, Network Access Control ( NAC ) solutions (e.g., Cisco Identity Service Engine ( ISE )), and endpoint access policies.
• Support the cybersecurity team in incident detection, forensic analysis, and mitigation strategies.
• Provide documentation and evidence for security audits and compliance reviews.

Implementation, Operations, and Support

• Serve as the hands-on engineer for network deployment, upgrades, and incident response.
• Configure and manage Cisco switches, routers, firewalls, WLCs, and wireless endpoints.
• Design and manage VPNs, QoS, ACLs, network monitoring, and logging systems (SolarWinds, NetFlow, SNMP).
• Strong technical and leadership experience in cybersecurity, with hands-on expertise in Incident Response, SIEM technologies, O365 Security Architecture and policy administration, and SIEM engineering.

Leadership and Staff Development

• Serve as the department s SME on enterprise security, guiding decisions across IT, public safety systems, and operations.
• Train, coach, and mentor internal IT staff, including junior and mid-level network technicians.
• Lead structured knowledge transfer sessions, hands-on training, and real-time coaching during support and implementation activities.
• Create SOPs, how-to guides, and step-by-step documentation tailored for ongoing use by internal staff.
• Support staff in preparation for certification paths (e.g., CCNA/CCNP) if desired.

TECHNICAL REQUIREMENTS:

• Strong technical and leadership experience in cybersecurity, with hands-on expertise in Incident Response, SIEM technologies, O365 Security Architecture and policy administration, and SIEM engineering.
• Cisco networking (switches, routers, firewalls, WLCs, VPNs)
• Security and compliance (CJIS, NIST, NAC, incident response, audit readiness)
• Network monitoring & management (SolarWinds, NetFlow, SNMP, ACLs, QoS)
• Leadership and mentoring (SME guidance, staff training, documentation)

Core technologies desired:

• Palo Alto Technologies (Deep technical knowledge, certification)
  Palo Alto Panorama
• Palo Alto Cortex EDR
• Palo Alto Cortex XSOAR
• Palo Alto Prisma Cloud Service
• Palo Alto NGFW
• CyberArk
• Cisco ISE
• AWS, Azure
• Azure Entra ID
• ServiceNow
• Tenable Vulnerability Management
• Terraform
• Microsoft O365

Nice-to-Have Skillsets:

• Advanced experience with CJIS/NIST compliance, endpoint access management, and security audits.
• Proficiency with Cisco WLCs, VPNs, QoS, ACLs, and network monitoring tools (SolarWinds, NetFlow, SNMP).
• SME experience in enterprise security, public safety, or government networks.
• Experience creating SOPs, training programs, and mentoring IT staff toward certifications (CCNA/CCNP).
• Strong communication skills and ability to proactively identify and mitigate network/security risks.