Zero Trust Security Architect
Arctiq · Atlanta, GA · 3 days ago
HybridContract
Responsibilities
- Design and implement enterprise Zero Trust and SASE/SSE architectures.
- Lead migration initiatives from traditional VPN solutions to modern secure access platforms.
- Design secure remote access solutions supporting on-premises, hybrid, and cloud environments.
- Architect security policies for user access, application segmentation, traffic inspection, and secure connectivity.
- Serve as the technical lead for enterprise Zero Trust initiatives.
- Collaborate with networking, cloud, identity, and security teams throughout project delivery.
- Evaluate and recommend enterprise SASE technologies and security architectures.
- Integrate secure access platforms with identity providers including Microsoft Entra ID, Active Directory, LDAP, MFA, DNS, and PKI.
- Support integrations with AWS, Microsoft Azure, endpoint security platforms, SD-WAN, and enterprise networking technologies.
- Troubleshoot complex network connectivity and security issues across Windows, Linux, and macOS environments.
- Develop technical standards, architecture documentation, and implementation best practices.
- Provide technical mentorship and guidance to engineering teams.
- Identify automation opportunities using PowerShell, Python, and REST APIs.
Qualifications
- 8+ years of experience in enterprise network security, Zero Trust, or security architecture.
- Experience designing and implementing enterprise SASE/SSE or Zero Trust Network Access (ZTNA) solutions.
- Strong understanding of SASE, SSE, and Zero Trust architecture principles.
- Experience with one or more of the following platforms: Zscaler ZPA and ZIA (preferred), Palo Alto Prisma Access, and/or Cisco Secure Access.
- Strong understanding of enterprise networking, including TCP/IP, routing, switching, DNS, and secure remote access.
- Experience with current-generation and next-generation firewall technologies and security policy management.
- Knowledge of: Deep Packet Inspection (DPI), Intrusion Detection and Prevention Systems (IDS/IPS), and Advanced Malware Protection technologies.
- Experience integrating secure access platforms with: Microsoft Entra ID, Active Directory, LDAP, MFA, DNS, and PKI.
- Experience supporting AWS and/or Microsoft Azure environments.
- Strong troubleshooting and packet analysis skills.
- Experience with enterprise-scale deployments supporting thousands of users.
- Deep experience with Zscaler ZPA and ZIA implementations.
- Experience with Palo Alto Networks firewalls, Cisco Umbrella, and SD-WAN technologies.