Cybersecurity Architect

Description:On-site in Orange, CA

Our client seeks a Cybersecurity Architect to support the Orange County Sheriff's Department. This role provides technical leadership for enterprise security architecture, safeguarding assets, systems, and data against cyber threats with a focus on Palo Alto Networks, VPN, wireless security, DNS security, SIEM, incident response, and CJIS compliance. The position is 100% on-site in Santa Ana, CA with responsibilities spanning design, implementation, and continuous improvement of security controls and standards.

This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $85.00 to $90.00/hr. w2

Responsibilities:

• Design, implement, and maintain Palo Alto Networks NGFW, Panorama, and related services including WildFire, Threat Prevention, URL Filtering, and Anti-Virus.
• Develop and enforce security policies, rule sets, and network segmentation aligned to Zero Trust principles.
• Serve as top-tier subject matter expert for Palo Alto security engineering, configuration, and troubleshooting.
• Architect and optimize secure remote access using solutions such as Palo Alto GlobalProtect with least privilege and MFA.
• Develop and enforce secure policies for corporate and guest wireless, including segmentation, authentication, and encryption.
• Design and implement secure DNS architecture using DNSSEC or private DNS services.
• Lead design and tuning of the enterprise SIEM, including device log integration, correlation rules, alerts, dashboards, and reporting.
• Develop, maintain, and test the Incident Response Plan and playbooks. Lead response lifecycle and conduct post-incident reviews.
• Ensure adherence to CJIS and other mandates. Create and maintain security standards, baselines, and reference architectures.
• Conduct regular security assessments to identify control deficiencies and define remediation strategies.

Experience Requirements:

• Professional leadership experience supporting a SOC or similar cybersecurity service organization.
• Strong understanding of Palo Alto Networks architecture and technologies including firewalls and intrusion prevention.
• Experience in network security design, deployment, maintenance, and troubleshooting.
• Experience providing user support and clear technical communication.
• Project management capability and ability to manage multiple projects.
• Ability to work independently and collaboratively under deadlines with flexible hours, including overtime, weekends, and overnight as needed.
• Experience identifying security risks, developing mitigation plans, and implementing security tools and services.
• Experience developing and interpreting security policies and participating in compliance efforts.
• Experience with training and security awareness content development.
• Experience evaluating and recommending security products and technologies.
• Detailed knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
• Experience with vulnerability testing and auditing at infrastructure or application level.

Education Requirements:

• BS in Cybersecurity or related technical field with 7+ years of relevant experience, or
• MS in Cybersecurity or related technical field with 5+ years of relevant experience, or
• PhD in Cybersecurity or related technical field with 4+ years of industry experience.
• Required certification: CISSP or GREM or similar. Other relevant certifications such as GCIH or CEH are beneficial.