IT: Senior IT & Cybersecurity Architect

We are looking for a Senior IT & Cybersecurity Architect to build out and upgrade end to end IT infrastructure-from secure networks and virtualized environments to cloud security and endpoint management. This is an on-site, hands-on role for someone who can design, implement, and proactively manage a highly secure, high-performance IT environment, while working closely with executive leadership to align technology with business goals., + Design, implement, and manage secure, scalable networks (LAN/WAN, VLANs, VPNs, SD-WAN) and segmentation strategies.

• Deploy and maintain virtualization infrastructure (VMware, Citrix) and containerized environments (Docker, Kubernetes).

• Architect and manage Zero Trust and zero/thin client environments for secure endpoint access.

• Configure and manage firewalls, access controls, and monitoring systems to ensure 24/7 security and availability.

• Lead user and VM provisioning, device management, and endpoint security across Windows and Linux systems.

• Implement and oversee AWS cloud security, including IAM, VPCs, S3, and centralized logging.

• Conduct regular risk assessments, propose security improvements, and lead incident response when needed.

• Develop documentation (network diagrams, SOPs, access policies) and enforce compliance with standards (NIST, ISO 27001).

• Collaborate with leadership to define IT/security roadmaps, manage priorities, and communicate risks/tradeoffs.

• Evaluate and onboard vendors, tools, and services aligned with infrastructure needs.

• PhD or Master's degree in Computer Science, Information Security, Engineering, or a related field.

• 7+ years of hands-on experience in IT infrastructure, cybersecurity architecture, and systems engineering.

• Proven experience designing and managing virtualized environments (VMware, Citrix) and containerized systems (Docker, Kubernetes).

• Strong understanding of networking principles (TCP/IP, DNS, DHCP) and practical experience configuring firewalls, VLANs, VPNs, and SD-WAN.

• Hands-on expertise in implementing Zero Trust architecture, zero/thin client infrastructure, and securing air-gapped or segmented environments.

• Deep experience with user provisioning, identity and access management (IAM), and endpoint control across Windows and Linux systems.

• Proficiency in securing and operating AWS environments, including VPC design, IAM roles, encryption, and monitoring (CloudWatch, GuardDuty).

• Familiarity with infrastructure automation tools such as PowerShell, Bash, Terraform, or Ansible.

• Experience with SIEM platforms, EDR tools, and log aggregation for detection and response (e.g. Splunk, Logz.io, SentinelOne, etc.).

• Solid grasp of cybersecurity frameworks and compliance standards such as NIST CSF, ISO 27001, HIPAA, and awareness of FDA-related frameworks (e.g. IEC 62304).

• Ability to work autonomously in a high-trust environment, define best practices, and build systems from the ground up.

• Excellent documentation and communication skills, with the ability to clearly articulate technical decisions, risk tradeoffs, and system architecture to non-technical leadership (CEO, legal, operations, etc.).

• DOD Compliance and Security Clearance preferred.

Preferred Qualifications

• Certifications: CISSP, CISM, CCNP, AWS Security Specialty, or similar.

• Familiarity with scripting/automation (e.g. PowerShell, Python, Terraform, Ansible).

• Experience working in regulated industries (biotech, pharma, healthcare).

• Knowledge of compliance frameworks: NIST CSF, ISO 27001, IEC 62304, HIPAA.

• Exposure to OT, IoT, or LIMS environments is a plus.

Nanobiosym is an award-winning company at the forefront of nanotechnology, physics, and biomedicine. Based in Cambridge, MA and founded by an MIT/Harvard alum, we are building next-generation tech solutions for healthcare.