Network Security Architect - Detection & Protection

We are seeking a Network Security Architect to lead the design, deployment, and optimization of advanced network detection and protection capabilities across our enterprise. This individual will play a key role in enabling threat-informed defense strategies and ensuring malicious activity is detected and mitigated before it can cause impact.

This is a hands-on, strategic role-ideal for a seasoned security architect with deep expertise in network-layer defenses, strong architectural thinking, and experience contributing to complex investigations and incident response efforts.

You'll lead efforts to identify where and how we collect network telemetry to support threat detection and architect smart, effective defenses across our hybrid environment. This includes recommending the placement and configuration of technologies such as NDR sensors, SWG, SSE, API gateways, and NGFWs-based on risk, threat modeling, and telemetry value.

• Serve as the network detection strategy lead-identifying where and how we collect network telemetry to support threat detection.
• Ensure telemetry is strategically collected to support detection, investigation, and threat hunting across cloud and on-prem environments.
• Architect and optimize network security threat detection technologies, including:
  • NDR and NGFWs
  • SWG and/or SSE
  • API gateways
  • DDoS protection platforms
  • WAF and RASP solutions
• Serve as the technical lead and escalation point for network detection and protection engineering.
• Develop and maintain detection logic informed by MITRE ATT&CK and current adversary tactics.
• Partner with CTI and purple teams to simulate and detect real-world attack techniques and validate the effectiveness of the network detection and protection toolset.
• Collaborate with the SOC to optimize telemetry from network and enterprise services for threat detection (e.g., SIEM, NDR, proxy/firewall logging).
• Support Tier 3 incident response, especially for network-centric attacks or evasive techniques.
• Conduct assessments, audits, and configuration reviews of network security platforms.
• Lead or guide cross-functional security projects aimed at enhancing enterprise detection maturity.

• Bachelor's degree in Cybersecurity or a related field.
• 7+ years of experience in security engineering with strong expertise in network detection and protection.
• At least one of the following (or similar) certifications: CCNA, PCNSA, GCIA, GCTI, OSCP, Security+, CISSP
• Proven experience architecting secure network defenses for large, complex organizations.
• Strong understanding of MITRE ATT&CK, adversary behaviors, and detection engineering principles.
• Experience tuning and optimizing SIEM, NDR, NGFWs, or security analytics platforms.
• Hand-on experience with NDR, NGFWs, SWG/SSE, Netflow & packet analysis, threat hunting, and log correlation techniques (L3-L7).
• Familiarity with DDoS protection platforms (e.g., Azure, AWS, or Google native services).
• Demonstrated ability to lead technical investigations and collaborate across disciplines.

• At least two of the following (or similar) certifications: CCNA, PCNSA, GCIA, GCTI, OSCP, Security+, CISSP
• Experience with WAF, API Gateways, and DDos protection platforms
• Familiarity with NIST CSF and CIS Controls.
• Experience working in or supporting security for manufacturing or industrial organization