
Cloud Network Security Architect, SME – Public Trust/Secret Clearance
TOMORROW HIRE
full-time
Location Type: Remote
Location: District of Columbia • Washington • United States
Salary
💰 $160,000 - $190,000 per year
About the role
- Architect and manage complex AWS network environments to meet TIC 3.0 and federal security standards.
- Deploy and manage Palo Alto VM-Series firewalls in AWS, including configuration of GlobalProtect, Panorama, and security policy orchestration.
- Use Terraform or CloudFormation to deploy major networking components via Infrastructure as Code (IaC), ensuring repeatable, documented, and auditable environments.
- Configure, troubleshoot, and maintain hybrid connectivity solutions, including AWS Direct Connect, Site-to-Site VPNs, and SD-WAN integrations.
- Design and implement Transit Gateway architecture and VPC Peering in multi-account AWS environments.
- Apply Zero Trust principles and TIC 3.0 requirements within AWS and Palo Alto ecosystems to enhance application and network security.
- Serve as the primary (or sole) Network Architect/Engineer responsible for discovery, documentation, design, and execution of network security solutions with minimal supervision.
- Collaborate with stakeholders to ensure secure, compliant network designs that support mission-critical federal applications.
Requirements
- 5+ years of experience architecting and managing complex AWS network environments
- 3+ years of experience deploying and managing Palo Alto VM-Series firewalls within a public cloud environment (AWS), including GlobalProtect, Panorama, and security policy orchestration
- 2+ years of experience with Terraform or CloudFormation, including using IaC to deploy major networking components to ensure repeatable, documented environments
- Experience with Hybrid Connectivity and WAN, including configuring and troubleshooting AWS Direct Connect, Site-to-Site VPNs, and SD-WAN integrations to maintain hybrid-cloud connectivity
- Knowledge of Transit Gateway architecture and VPC Peering in multi-account environments
- Knowledge of implementing Zero Trust or TIC 3 principles within an AWS or Palo Alto ecosystem
- Ability to function as the sole Network Architect or Engineer to be responsible for discovery, documentation, and execution with minimal supervision
- Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
- HS diploma or GED
Benefits
- Health, Vision, and Dental Insurance
- PTO
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
AWS, Palo Alto VM-Series firewalls, GlobalProtect, Panorama, Terraform, CloudFormation, Infrastructure as Code, AWS Direct Connect, Site-to-Site VPNs, SD-WAN
Soft Skills
collaboration, documentation, design, execution, minimal supervision
Certifications
Public Trust, Suitability/Fitness determination