Network Security Architect / Lead

Cisco Systems, Inc.
San Diego, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

San Diego, United States of America

Tech stack

Amazon Web Services (AWS)
Azure
Border Gateway Protocol
Cloud Computing
Complex Networks
Computer Security
Computer Networks
Data Architecture
Data Infrastructure
Dynamic Host Configuration Protocol
DNS
Enhanced Interior Gateway Routing Protocol
Trunking
Intrusion Detection and Prevention
Intrusion Detection Systems
Virtual Private Networks (VPN)
Information Systems Security Architecture Professional
Network Security
Network Planning and Design
Routing
Open Shortest Path First
Remote Access Technology
Zero Trust Network Access
Virtual Local Area Networks
Wi-Fi Technology
Data Center Networking
Palo Alto Networks
Enterprise Integration
Open Network Automation Platform
Cisco Switches
Cisco networks

Job description

The Network Security Architect / Lead is responsible for end-to-end ownership of network security architecture, with Palo Alto Networks as the primary security platform. The role also requires solid working knowledge of enterprise network data infrastructure, including Cisco switches, Meraki wireless, and Cisco DNA Center, to ensure security designs are fully integrated with campus, branch, and data center networks.

This role provides technical leadership, architectural governance, and hands-on guidance to engineering teams while working closely with security, network, cloud, and operations stakeholders.

1. Network Security Architecture & Leadership (Primary)

  • Act as the technical authority for enterprise network security architecture
  • Design, standardize, and maintain Palo Alto NGFW architectures, including:
      • Zones and segmentation
      • Security and NAT policy design
      • IPS/IDS, threat prevention, URL filtering, and decryption
      • Remote access and site-to-site VPNs
  • Lead Panorama architecture and governance (templates, device groups, standards)
  • Review and approve firewall changes, designs, and security exceptions
  • Guide firewall migrations, upgrades, and modernization initiatives
  • Ensure adherence to security best practices and regulatory frameworks (e.g., NIST, CIS)

2. Network Data Architecture: Cisco Switching (Secondary)

  • Maintain strong architectural understanding of Cisco enterprise switching:
      • Core, distribution, and access layer design
      • VLANs, trunking, routing (OSPF/BGP/EIGRP), port channels
  • Ensure secure integration between Cisco switching and Palo Alto firewalls
  • Advise on segmentation, resiliency, and performance from a security-first perspective
  • Support network design reviews where security and data networks intersect

3. Wireless & Campus Networking: Meraki / Cisco DNA

  • Provide architectural oversight for Cisco Meraki Wi-Fi environments:
      • Wireless policies, segmentation, and access control
      • Dashboard governance and design standards
  • Support and guide Cisco DNA Center deployments for:
      • Network automation and assurance
      • Visibility, telemetry, and compliance
  • Ensure wireless and campus networks align with enterprise security strategy

4. Governance, Risk & Compliance

  • Define and maintain security architecture standards, SOPs, and diagrams
  • Support audits and compliance efforts (government / regulated environments)
  • Translate technical security risks into clear business impact for leadership
  • Review vendor solutions and provide architectural recommendations

5. Collaboration & Mentorship

  • Work closely with:
      • Network engineering teams
      • Security operations and SOC teams
      • Cloud and infrastructure teams
  • Mentor engineers and provide technical guidance
  • Serve as escalation point for complex network security issues

Requirements

Must Have (Primary)

  • Strong hands-on and architectural experience with Palo Alto NGFW & Panorama
  • Deep understanding of network security concepts and enterprise design
  • Proven experience designing security for large enterprise or government environments
  • Ability to lead technical discussions and make architecture decisions

Secondary / Supporting Skills

  • Solid working knowledge of:
      • Cisco enterprise switching (Data networks)
      • Cisco Meraki wireless
      • Cisco DNA Center
  • Understanding of how network data, wireless, and security architectures integrate
  • Experience working with cross-functional infrastructure teams

Preferred / Nice to Have

  • Exposure to Infoblox (DNS/DHCP/IPAM)
  • Cloud networking/security experience (AWS / Azure)
  • Familiarity with Zero Trust, SASE, or Prisma Access
  • Experience in public sector, city, or regulated environments

Certifications (Preferred)

  • PCNSE or PCNSA (Palo Alto Networks)
  • CCNP / CCIE (Enterprise or Security)
  • CISSP / CISM (strongly preferred for Architect/Lead roles)

Experience Level

  • 10-15+ years overall network & security experience
  • 5+ years in senior engineering, architect, or technical lead roles

  • Thinks in architecture and risk, not just configurations
  • Can explain complex security topics in simple, business-friendly language
  • Comfortable leading design decisions and guiding teams
  • Strong documentation and governance mindset
