Sr Security Architect (100% onsite)

Position: Sr Security Architect

Location: Santa Ana, CA (Onsite only)

Duration: Contract

Note: Candidates must have to successfully complete the Live Scan/background check requirements

Job Description:

• Broad range of skills that requires deep tech knowledge and tooling in Palo Alto (hands on)
• Recent hands-on experience in network
• Looking for some understanding of SEIM technology but working knowledge is preferential
• Need security level architect; hands on and has some certs
• Someone who can be liaison between technical team and exec team to explain technical aspects in more easily digestible terms
• Focus on recent security architecture experience with hands on background with some leadership capabilities and good documentation skills
• Good documentation skills needed for this role
• OC Sheriff will be the 2nd round interview and on site; will want to meet someone in person before making an offer
• Tech Stack:
• Palo Alto Panorama
• Palo Alto Cortex EDR
• Palo Alto Cortex XSOAR
• Palo Alto Prisma Cloud Service
• Palo Alto NGFW
• CyberArk
• Cisco ISE
• AWS, Azure
• SIEM: XSIAM

Role Overview & Expectations

• This is a senior-level Security Architect role requiring a strong foundation in network security and security infrastructure.
• Many candidates have solid network security backgrounds but lack true security architecture experience and exposure across multiple environments/verticals.
• The client is looking for hands-on architects who are comfortable configuring and implementing solutions themselves-not purely advisory.
• Some candidates lean heavily toward compliance but are weaker in architecture and technical design.

Ideal Candidate Profile

• Well-rounded security professional with hands-on experience and strong foundational security knowledge.
• Certifications such as CISSP are highly preferred.
• Candidates should be able to confidently answer architectural questions (e.g., SIEM recommendations and design rationale).
• Prior experience leading migrations is helpful, but hands-on participation is critical.

Security, Compliance, and Audit Readiness

• Enforce network security controls aligned with Criminal Justice Information Services ("CJIS"), National Institute of Standards and Technology ("NIST"), and department policy.
• Implement and maintain firewall rulesets, Network Access Control ("NAC") solutions (e.g., Cisco Identity Service Engine ("ISE")), and endpoint access policies.
• Support the cybersecurity team in incident detection, forensic analysis, and mitigation strategies.
• Provide documentation and evidence for security audits and compliance reviews.

Implementation, Operations, and Support

• Serve as the hands-on engineer for network deployment, upgrades, and incident response.
• Configure and manage Cisco switches, routers, firewalls, WLCs, and wireless endpoints.
• Design and manage VPNs, QoS, ACLs, network monitoring, and logging systems (SolarWinds, NetFlow, SNMP).

SME Leadership and Staff Development

• Serve as the department's SME on enterprise security, guiding decisions across IT, public safety systems, and operations.
• Train, coach, and mentor internal IT staff, including junior and mid-level network technicians.
• Lead structured knowledge transfer sessions, hands-on training, and real-time coaching during support and implementation activities.
• Create SOPs, how-to guides, and step-by-step documentation tailored for ongoing use by internal staff.
• Support staff in preparation for certification paths (e.g., CCNA/CCNP) if desired.

Best Regards,

T Chandra Sekhar - Technical Sr. Recruiter

Agile Global Solutions, Inc ....."Empowering Enterprises"

193 Blue Ravine Road, Suite 160, Folsom, CA 95630

Direct - 916-413-7282

Sekhar@agileglobalsolutions.com | www.agileglobal.com