Jobs · Information Technology · Tennessee

Network Security Architect - Palo Alto

Lifepoint Health® · Brentwood, TN · Yesterday
On-siteInformation TechnologyFull-time

Job Summary

The Network Security Architect is responsible for designing, governing, and continuously improving enterprise-grade network security architectures across on-premises, cloud, and hybrid environments. This role provides strategic and technical leadership across multi-vendor security platforms, including Palo Alto Networks, Cisco Meraki, and cloud-delivered security services, spanning firewall architecture, network segmentation, and zero trust in a large, geographically distributed healthcare environment.

Key Responsibilities

  • Architecture & Design

    • Lead the architecture, design, and standardization of multi-vendor network security solutions spanning NGFW, cloud-delivered security, and network access control.
    • Define secure network architectures for data centers, Azure/GCP cloud environments, branch/facility sites, and hybrid connectivity models.
    • Design network segmentation, micro segmentation, zero trust, and least-privilege architectures aligned and enterprise security frameworks.
    • Develop and maintain reference architectures, design standards, technical roadmaps, and reusable security architecture patterns.
    • Evaluate emerging network security technologies and provide adoption recommendations integrated into the enterprise security strategy.
    • Define and govern network security requirements for new facility onboarding, acquisitions, and infrastructure modernization initiatives.
  • Palo Alto Networks Platform Leadership

    • Define and govern security policy architecture across the Palo Alto platform: zone design, App-ID/User-ID enforcement, threat prevention profiles, URL filtering, DNS Security, and WildFire integration.
    • Architect Panorama-managed policy structures, including device group hierarchy, shared policy design, and rule base standards, to enforce consistent security posture across managed firewalls.
    • Lead security-focused platform migrations from legacy firewall environments to Palo Alto NGFW, ensuring policy intent and threat coverage are preserved and improved.
    • Architect Prisma Access deployments for mobile user and branch security: security policy enforcement, threat inspection, identity integration, and cloud-delivered service chaining.
  • Cisco Meraki Platform Leadership

    • Architect security enforcement across Cisco Meraki MX security appliances: threat prevention, content filtering, IDS/IPS, and site-to-site VPN design for campus and branch environments.
    • Integrate Meraki security controls with the broader security stack, including SIEM and identity systems, to achieve unified threat visibility and policy enforcement.
  • Compliance, Governance & Security Frameworks

    • Translate regulatory and compliance requirements applicable to healthcare IT environments into network security architecture decisions, design standards, and control implementations.
    • Apply recognized security frameworks, including NIST Cybersecurity Framework, NIST SP 800-53, and CIS Controls, to assess current-state security posture, identify gaps, and prioritize architecture improvements.
    • Define and enforce network security standards, architecture exception processes, and change governance procedures; conduct architecture reviews and risk assessments to support ongoing governance.
    • Support internal audits, regulatory assessments, and third-party security reviews, providing network architecture documentation, evidence, and remediation roadmaps.
  • Collaboration & Leadership

    • Serve as the primary technical authority and advisor for network security architecture across the organization.
    • Partner with Network Engineering, Security Operations, Cloud, and Application teams on design reviews, security integration, and incident response support.
    • Review and approve technical designs, change requests, and architecture exception requests.
    • Mentor network security engineers and contribute to engineering standards, design templates, and operational runbooks.
    • Present architecture proposals, risk findings, and strategic recommendations to both technical teams and senior leadership.

Required Qualifications

  • 7+ years of experience in network security engineering, network architecture, or infrastructure architecture roles.
  • Demonstrated architect-level experience with Palo Alto Networks technologies (NGFW, Panorama, Prisma) with depth in Palo Alto expected; multi-vendor breadth is a strong plus, not a disqualifier.
  • Strong expertise in NGFW policy architecture and rule base design; network segmentation and zero trust principles; routing protocols, switching, VPNs, and encrypted traffic inspection; cloud network security (Azure preferred).
  • Experience designing security solutions for large, geographically distributed enterprise environments.
  • Working knowledge of healthcare compliance requirements (HIPAA) or equivalent regulated-industry security design experience.
  • Strong documentation skills; ability to produce architecture diagrams, design standards, and stakeholder-ready presentations.

Preferred Qualifications

  • Palo Alto Networks: Specialist/Architect tier certifications
  • Cisco: CCNP Security, CCIE Security, or Cisco Meraki certifications
  • Domain Experience: Healthcare IT with multi-facility, geographically distributed network environments
  • M&A integration: assessing, onboarding, and remediating acquired entity network environments
  • Network forensics and incident response support from an architecture perspective
  • Wireless security architecture for clinical and IoT environments (medical device network segmentation)

Soft Skills

  • Strategic architectural thinking with the ability to translate complex business and regulatory requirements into security designs.
  • Ability to balance security rigor, operational performance, and business enablement making pragmatic risk-based decisions.
  • Comfortable presenting technical designs and risk tradeoffs to both engineering teams and senior leadership.
  • Proven ability to influence and drive alignment across cross-functional teams without direct authority.
  • Self-directed with strong prioritization skills in a complex, fast-paced healthcare environment.
  • Collaborative mindset: sees security architecture as an enabler, not a blocker.

Similar jobs

Network Security Architect

ConduentUnited States· 2 wk ago
RemoteInformation Technology$125k–$150k/yrapply on careers.conduent.com