Network Security Architect

Overview

On Site
Depends on Experience
Contract - W2
Contract - Independent
Contract - 12 Month(s)
No Travel Required

Skills

Zscalar
Palo Alto

Job Details

Position: Network Security Architect

Location: Wilmington, Delaware or Jersey City, NJ (5 days onsite)

Duration: 12 Months with possible extensions

Position Overview:

WWT has an exciting opportunity for a Network Security Architect to support a financial services client in designing and implementing advanced traffic visibility and packet capture architectures across hybrid environments. This role plays a critical part in securing cloud and on-premise infrastructure through comprehensive inspection, decryption, and data forwarding solutions. The ideal candidate will leverage tools such as Palo Alto, Zscaler, Coralight, and TAP technologies to enable deep packet inspection, policy enforcement, and integration with SASE and DLP platforms.

Key Responsibilities

Architect and implement comprehensive traffic visibility solutions across cloud and on-premise networks.

Design secure pipelines for data ingestion, such as exporting Palo Alto traffic logs to AWS S3 for analytics and DLP use.

Deploy and optimize TAP and packet broker infrastructure (e.g., Coralight, Gigamon alternatives) for scalable packet inspection.

Integrate decryption strategies to support visibility into encrypted traffic for both internal systems and end users.

Collaborate with security architects to embed SASE principles and policy enforcement into network inspection workflows.

Guide segmentation and traffic flow strategies across hybrid infrastructure using Palo Alto, Zscaler, and TAP technologies.

Act as a technical liaison between internal teams and OEMs to ensure alignment of traffic visibility solutions with performance and compliance requirements.

Required Qualifications

7+ years of experience in network security architecture with a strong emphasis on visibility and packet-level analysis

Hands-on expertise with:

Palo Alto (firewalls, decryption, traffic forwarding)

Zscaler traffic inspection and logging

Coralight or comparable network visibility platforms

TAPs and packet brokers (Gigamon or similar)

Deep understanding of encrypted traffic decryption, data forwarding, and cloud-based storage integration (e.g., AWS S3)

Experience architecting solutions across hybrid cloud/on-premise environments

Familiarity with SASE frameworks and secure architecture principles

Excellent communication, documentation, and cross-functional collaboration skills

Preferred Qualifications

Experience with telco backbone monitoring tools (e.g., CenturyLink Wire)

Knowledge of AWS or Azure cloud TAPs and cloud-native visibility configurations

Relevant certifications such as PCNSE, ZCCA-IA, or CISSP

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.