Cybersecurity Architect (Palo Alto / Network Security)

Description:
Onsite in Tustin, CA

The Cybersecurity Architect will provide senior technical leadership to design and implement enterprise security architecture for the organization. The role focuses on Palo Alto Networks platforms, VPN, wireless security, DNS security, SIEM, incident response, and regulatory alignment with CJIS. The architect will define standards, guide policy enforcement aligned to Zero Trust, and lead incident response while collaborating with stakeholders to safeguard systems and data.

This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $90.00 to $95.00/hr. w2

Responsibilities:

• Design, implement, and maintain Palo Alto Networks NGFW, Panorama, and security services including WildFire, Threat Prevention, URL Filtering, and Anti-Virus.
• Develop and enforce enterprise security policies, firewall rule sets, and network segmentation aligned with Zero Trust principles.
• Serve as the senior subject matter expert for Palo Alto security engineering, configuration, and advanced troubleshooting.
• Architect and optimize secure remote access solutions using GlobalProtect or equivalent enterprise VPN technologies with MFA and least-privilege access.
• Design and enforce security standards for corporate and guest wireless, including segmentation, secure authentication, and modern encryption.
• Design and implement secure DNS architectures utilizing DNSSEC and/or private DNS services.
• Lead SIEM architecture design, implementation, and tuning; integrate security logs and develop correlation rules, alerts, dashboards, and reports.
• Develop, maintain, and test incident response plans and playbooks; act as technical lead through all phases of incident response.
• Conduct post-incident reviews to identify architectural gaps and recommend improvements.
• Ensure architectures, policies, and operations meet CJIS and applicable regulatory requirements; maintain standards, baselines, and reference architectures.
• Conduct regular security assessments to identify control gaps and define remediation strategies.

Experience Requirements:

• Experience providing expert technical leadership to a SOC or similar cybersecurity organization.
• Deep knowledge of Palo Alto Networks architecture, firewalls, intrusion prevention systems, and related security technologies.
• Strong experience in network security architecture, design, deployment, and maintenance.
• Proven ability to troubleshoot complex security issues and support end users.
• Excellent written and verbal communication skills.
• Strong project management and organizational skills.
• Ability to work independently and collaboratively in a team environment.
• Ability to perform effectively under pressure and meet deadlines.
• Willingness to work flexible schedules, including overtime, weekends, and overnight hours.
• Demonstrated ability to manage multiple simultaneous initiatives.

Education Requirements:

• Bachelor's degree in Cybersecurity or related technical field with 7+ years of relevant experience, or Master's degree with 5+ years, or PhD with 4+ years.
• CISSP (Certified Information Systems Security Professional), GREM (GIAC Reverse Engineering Malware), or similar certifications are preferred