Jobs · Information Technology · Tennessee

Network Security Architect

Lifepoint Health® · Brentwood, TN · 3 wk ago
HybridInformation TechnologyFull-time

Job Summary

The Network Security Architect is responsible for designing, governing, and continuously improving enterprise-grade network security architectures across on-premises, cloud, and hybrid environments. This role provides strategic and technical leadership across multi-vendor security platforms, including Palo Alto Networks, Cisco Meraki, and cloud-delivered security services, spanning firewall architecture, network segmentation, and zero trust in a large, geographically distributed healthcare environment.

Key Responsibilities

  • Architecture & Design
    • Lead the architecture, design, and standardization of multi-vendor network security solutions spanning NGFW, cloud-delivered security, and network access control.
    • Define secure network architectures for data centers, Azure/GCP cloud environments, branch/facility sites, and hybrid connectivity models.
    • Design network segmentation, micro segmentation, zero trust, and least-privilege architectures aligned and enterprise security frameworks.
    • Develop and maintain reference architectures, design standards, technical roadmaps, and reusable security architecture patterns.
    • Evaluate emerging network security technologies and provide adoption recommendations integrated into the enterprise security strategy.
    • Define and govern network security requirements for new facility onboarding, acquisitions, and infrastructure modernization initiatives.
  • Multi-Vendor Platform Leadership
    • Palo Alto Networks
      • Define and govern security policy architecture across the Palo Alto platform: zone design, App-ID/User-ID enforcement, threat prevention profiles, URL filtering, DNS Security, and WildFire integration.
      • Arcitect Panorama-managed policy structures, including device group hierarchy, shared policy design, and rule base standards, to enforce consistent security posture across managed firewalls.
      • Lead security-focused platform migrations from legacy firewall environments to Palo Alto NGFW, ensuring policy intent and threat coverage are preserved and improved.
      • Arcitect Prisma Access deployments for mobile user and branch security: security policy enforcement, threat inspection, identity integration, and cloud-delivered service chaining.
    • Cisco Meraki
      • Architect security enforcement across Cisco Meraki MX security appliances: threat prevention, content filtering, IDS/IPS, and site-to-site VPN design for campus and branch environments.
      • Integrate Meraki security controls with the broader security stack, including SIEM and identity systems, to achieve unified threat visibility and policy enforcement.
  • Compliance, Governance & Security Frameworks
    • Translate regulatory and compliance requirements applicable to healthcare IT environments into network security architecture decisions, design standards, and control implementations.
    • Apply recognized security frameworks, including NIST Cybersecurity Framework, NIST SP 800-53, and CIS Controls, to assess current-state security posture, identify gaps, and prioritize architecture improvements.
    • Implement zero trust architecture principles, driving maturity assessment and phased adoption across network segmentation, identity enforcement, and device trust.
    • Define and enforce network security standards, architecture exception processes, and change governance procedures; conduct architecture reviews and risk assessments to support ongoing governance.
    • Support internal audits, regulatory assessments, and third-party security reviews, providing network architecture documentation, evidence, and remediation roadmaps.
  • Collaboration & Leadership
    • Serve as the primary technical authority and advisor for network security architecture across the organization.
    • Partner with Network Engineering, Security Operations, Cloud, and Application teams on design reviews, security integration, and incident response support.
    • Review and approve technical designs, change requests, and architecture exception requests.
    • Mentor network security engineers and contribute to engineering standards, design templates, and operational runbooks.
    • Present architecture proposals, risk findings, and strategic recommendations to both technical teams and senior leadership.

Required Qualifications

  • 7+ years of experience in network security engineering, network architecture, or infrastructure architecture roles.
  • Demonstrated architect-level experience with Palo Alto Networks technologies (NGFW, Panorama, Prisma) with depth in Palo Alto expected; multi-vendor breadth is a strong plus, not a disqualifier.
  • Strong expertise in NGFW policy architecture and rule base design; network segmentation and zero trust principles; routing protocols, switching, VPNs, and encrypted traffic inspection; cloud network security (Azure preferred).
  • Experience designing security solutions for large, geographically distributed enterprise environments.
  • Working knowledge of healthcare compliance requirements (HIPAA) or equivalent regulated-industry security design experience.
  • Strong documentation skills; ability to produce architecture diagrams, design standards, and stakeholder-ready presentations.

Preferred Qualifications

  • Certifications
    • Palo Alto Networks: Specialist/Architect tier certifications
    • Cisco: CCNP Security, CCIE Security, or Cisco Meraki certifications
  • Domain Experience
    • Healthcare IT with multi-facility, geographically distributed network environments
    • M&A integration: assessing, onboarding, and remediating acquired entity network environments
    • Network forensics and incident response support from an architecture perspective
    • Wireless security architecture for clinical and IoT environments (medical device network segmentation)
  • Soft Skills
    • Strategic architectural thinking with the ability to translate complex business and regulatory requirements into security designs.
    • Ability to balance security rigor, operational performance, and business enablement making pragmatic risk-based decisions.
    • Comfortable presenting technical designs and risk tradeoffs to both engineering teams and senior leadership.
    • Proven ability to influence and drive alignment across cross-functional teams without direct authority.
    • Self-directed with strong prioritization skills in a complex, fast-paced healthcare environment.
    • Collaborative mindset: sees security architecture as an enabler, not a blocker.

Similar jobs

Network Security Architect

ConduentUnited States· 1 wk ago
RemoteInformation Technology$125k–$150k/yrapply on careers.conduent.com

Network Architect

Blackstone Talent GroupVacaville, CA· Yesterday
Information Technologyapply on jobs.bstonetalent.com

Network Architect

LTMErlanger, KY· 1 wk ago
Information Technology$160k/yrapply on ltimindtree.ripplehire.com

Network Architect

Tata Consultancy ServicesCharlotte, NC· 2 wk ago
Information Technologyapply on ibegin.tcsapps.com

Network Architect

Compucom StaffingAndover, MA· 2 wk ago
Information Technologyapply on www1.jobdiva.com

Network Architect

The GVTC FoundationSmithson Valley, TX· 3 wk ago
Information Technologyapply on gvtc.com