Senior Network Perimeter Security Architect

Atlanta, Georgia

 ABM Industries
Apply for this Job
Overview

Responsibilities:

In the role of the Sr. Network Perimeter Security Architect, you will:
  • This position is also responsible for architecting solutions to secure business-to-business initiatives, third-party relationships, outsourced solutions, and vendors.
  • Design and maintain the enterprise's perimeter security architecture, including firewalls, secure web gateways, VPNs, proxies, and DDoS mitigation.
  • Evaluate and recommend next-generation firewall (NGFW) and threat prevention technologies.
  • Lead architecture reviews and risk assessments for new network and cloud deployments.
  • Develop and enforce security standards, policies, and procedures related to perimeter defense.
  • Collaborate with network engineering, cloud operations, SOC, and application security teams.
  • Provide expert-level guidance on secure network segmentation, micro segmentation, and zero trust principles.
  • Lead security architecture initiatives in hybrid cloud environments, integrating on-prem, virtual, and cloud and native controls.
  • Evaluate new security tools, conduct POCs, and lead deployment strategies.
  • Respond to and analyze security incidents involving perimeter technologies.
  • Support regulatory and compliance initiatives (e.g., PCI DSS, HIPAA, ISO 27001, NIST).
  • Mentor junior team members and provide technical leadership across projects. Proactively analyze, identify, and resolve performance bottlenecks.
  • Assist with strategy, implementation and recovery point/time objective for business continuity and disaster recovery.
  • Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact on services.
  • Form relationships with colleagues in operations, software development and risk management.
  • Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
  • Attend project and implementation meetings and advise on secure application and infrastructure configurations.
  • Be willing to work nonstandard business hours for projects, business impact issues and incident response.
  • Assist in the definition of the strategy and technology roadmap for Network Security Architecture, assess, and deliver fit for purpose technical security solutions.
  • Identify, plan, and execute needed security changes to existing methods and techniques used throughout the organization.
  • Lead projects and initiatives with broad scope and high impact to the business and be a recognized expert in Network Security.
  • Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud infrastructure and applications.
  • Maintain detailed documentation, including diagrams, configurations, and procedures.
  • Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact on services.
Technical Qualifications:
  • Familiarity with Azure and AWS
  • SaaS solutions such as Salesforce, Workday, and Office 365, SAP, OCF
  • Identity and Access Management (IAM) platforms and related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth
  • Experience with cloud-based security platforms (ZTNA)
  • Understanding corporate network monitoring and security and common network protocols such as TCP/IP, VLANS, DNS, DHCP, radius, WIFI, Backup
  • Networking and firewalls - CISCO, FortiGate, Checkpoint, Juniper, and/or Palo Alto, Virtual Firewall appliances
  • Experience managing 20+ FW in an Enterprise
  • Experience implementing and managing End-point protection using SCCM
  • Experience with Web-Application Firewalls implementing and managing.
  • Operating systems, including Windows and Linux
Preferred Qualifications:
  • Bachelor's degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
  • 7 - 10 years' experience in IT and security operations, 5 - 7 years in an architecture or lead role with a focus on cyber/perimeter network security.
  • Deep expertise with enterprise-class firewalls (e.g., Palo Alto, Fortinet, Meraki, Cisco ASA/Firepower).
  • Strong understanding of IPS/IDS, SSL decryption, NAC, and secure remote access solutions.
  • Experience with cloud-native security controls across AWS, Azure, or GCP (e.g., security groups, WAFs, transit gateways).
  • Knowledge of routing, switching, VPNs (IPSec, SSL), BGP, and SD-WAN security.
  • Familiarity with zero trust architecture and modern network access models.
  • Industry certifications such as CISSP, CCSP, CCNP Security, Palo Alto PCNSE, and similar.
  • 5 + years of experience with Cisco Identity Service Engine (ISE) or another 3rd party Network Access Control (NAC) product
  • Capacity to comprehend complex technical infrastructure, managed services, and third-party dependencies.
  • Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).
  • Experience with Automation/Cloud Tools (e.g., Ansible, Terraform, Kubernetes, Puppet, Python, JavaScript, Bash)
  • Enterprise Network Monitoring software experience (SolarWinds Orion)
  • Experience developing strategies for implementation of QoS, and Multicast
  • Experiencing with packet capture and analysis tools, NetFlow, IP SLA, etc.
Benefit Information:

ABM offers a comprehensive benefits package. For information about ABM's benefits, visit:

ABM Employee Benefits Staff & Management

REQNUMBER: 104222

Date Posted: 07 May 2025
Apply for this Job
Show me similar jobs
Send me jobs by email