Sr. Network Security Architect

Team: Engineering Pool

Location: Hybrid

Commitment: Full-time

Workplace Type: hybrid

Key Responsibilities

• Serve as the lead architect and subject matter expert (SME) for enterprise network security strategy, design, and implementation across on-premises, hybrid, and cloud environments.
• Design and implement zero trust architecture (ZTA) principles, including identity-centric access controls, micro-segmentation, continuous validation, and least-privilege enforcement.
• Develop and maintain defense-in-depth architectures that integrate network, system, identity, application, and cloud security controls into a cohesive security posture.
• Lead secure network segmentation strategies (macro and micro-segmentation) to reduce attack surface and lateral movement.
• Define and enforce network security standards, reference architectures, and technical baselines aligned to NIST, RMF, FedRAMP, and DoD security requirements.
• Provide architectural oversight for a variety of network security technologies, including firewalls, IDS/IPS, NAC, PKI, DLP, SWG, WAF, DNSSEC, RBI, email security (SPF, DKIM, DMARC, DANE, MTA-STS), DDoS protection, etc.
• Design secure connectivity solutions including VPN, SD-WAN, ZTNA, policy-based routing, dynamic routing (BGP/OSPF), and encrypted transport mechanisms (IPSEC, MACSEC, TLS).
• Collaborate with external teams and mission partners to identify redundant systems, streamline security tooling, and implement consolidated solutions that improve efficiency and reduce operational costs.
• Lead proof of concept (POC) efforts, technical evaluations, and analysis of alternatives (AoA) for emerging security technologies.
• Guide the transition of architectures from concept to production, ensuring scalability, resilience, and operational sustainability.
• Support authority to operate (ATO) efforts under NIST RMF, including implementation of NIST 800-53 controls, security documentation artifacts, and system accreditation packages.
• Provide expert-level troubleshooting and conduct root cause analysis (RCA) for complex security and network incidents.
• Lead complex network and security troubleshooting efforts, performing packet-level analysis to diagnose issues across the full technology stack and drive rapid, root-cause resolution.
• Mentor engineers and contribute to the development of internal best practices and architectural playbooks.

Required Qualifications

• Bachelor’s degree in computer science, engineering, information systems, cybersecurity, or related field (or equivalent experience).
• 8+ years of experience in network security engineering and architecture, including enterprise and federal environments.
• Demonstrated experience designing and implementing zero trust and defense-in-depth architectures.
• Strong understanding of NIST RMF, NIST SP 800-53, FedRAMP, and DoD cybersecurity frameworks.
• Exceptional written and verbal communication skills with the ability to brief technical and executive stakeholders.
• Active DoD security clearance.
• CISSP, CCSP, CCNP/CCIE Security, or equivalent certification.
• Experience supporting mission-critical federal systems.
• Authorization to work in the United States.

Benefits and Perks

• Competitive salary, paid biweekly
• $200 monthly reimbursement for cell phone and Internet
• $3000 yearly training budget
• Top-tier medical, dental, and vision insurance coverage
• Medical, dental, and vision insurance premiums covered 100% by Foxtrot Division
• Generous PTO policy with 15 days of annual leave and 11 paid holidays
• Parental leave
• On-the-spot cash awards
• Foxtrot Division sponsored events and activities