A chemical manufacturing organization is seeking a highly skilled and experienced Network Security Architect with expertise in cloud security. As a Network Security Architect, you will be responsible for designing and implementing robust security solutions to protect our network infrastructure and operational systems.
About the Opportunity
- Schedule: Monday-Friday
- Setting: Hybrid - 3 days on-site
- Contract: 6+ months to start
Responsibilities:
The Information Security Architect will:
- Design and implement network security solutions with a focus on network segmentation and protection of operational infrastructure.
- Develop and implement security strategies and policies to ensure secure authentication and authorization for users, devices, and applications.
- Design and implement network segmentation strategies to protect critical network assets and data.
- Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and applications
- Stay up-to-date with the latest industry trends and best practices in network security.
Qualifications:
- Strong knowledge of network security principles and best practices.
- Experience with network segmentation tools and technologies.
- Experience with network security frameworks, such as NIST, IEC 62443 or ISO 27001
- Experience in IIOT, 5G
- Familiar with global, regional regulatory requirements e.g. NIS2, CFATs, etc.
- Familiarity with identity and access management (IAM) concepts.
- Knowledge of the basic structure, architecture, and design of modern communication networks.
- Knowledge of the functions, operation and mission of Manufacturing Operations
- Knowledge of industrial network communication protocols (For example: TCP/IP, UDP, DNP3, Modbus, OPC DA, OPC UA, PROFINET, etc.).
- Knowledge of Industrial firewalls e.g. Palo Alto, Tofino.
- Knowledge about functional Safety, IEC 61511
- Knowledge of industrial firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
- Knowledge about different DCS, PLC Vendor specific security architectures (e.g. Emerson, Honeywell, Siemens, etc.
- Deep understanding of OT infrastructure security.
- Strong problem-solving and analytical skills.
- Excellent communication and collaboration skills.
- Professional certifications in network security, such as CISSP, CCSP, or CCNA Security.
- Experience with security compliance standards, such as SOC 2.
- Experience with network security tools and technologies, such as firewalls and intrusion detection systems
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Minimum of 5 years of experience in network security architecture, with a focus on network segmentation.
- 90% on site and 10% travel- Travel to other US sites with possibility of Canada/PR however, travel will likely be after rolling perm.