Aditi Consulting is hiring: Cybersecurity Architect in Santa Ana

34 minutes ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.

This range is provided by Aditi Consulting. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$75.00/hr - $80.00/hr.

Summary

Client is seeking a Cybersecurity Architect to support the Orange County Sheriff’s Department (OCSD) in Santa Ana, CA. The position entails providing expert technical leadership and oversight for the OCSD cybersecurity team, with a responsibility to protect OCSD assets, systems, and data against cyber threats. Primary responsibilities will be for the design, development and implementation of robust and compliant enterprise‑wide security architecture. Technical cyber services and expertise provided are associated with (but not limited to) endpoint and email security, firewall management, wireless security, virtual private technologies, and Incident Response with adherence to regulatory frameworks like CJIS.

Duties and Responsibilities

• Design, implement and maintain Palo Alto Network firewalls (NGFW), Panorama Central Management and related security services (Wildfire, Threat Prevention, URL Filtering, Anti‑Virus, etc.)
• Develop and enforce high‑level security policies, rule sets and zone segmentation to align with Zero Trust principles across the entire network.
• Serve as the top‑tier subject matter expert for all Palo‑Alto related security engineering, configuration and troubleshooting.
• Virtual Private Network technologies:
  • Architect and optimize secure remote access solutions leveraging solutions such as Palo Alto GlobalProtect or other enterprise VPN technologies ensuring least privilege and MFA requirements are enforced and properly implemented.
• Wireless Infrastructure Security:
  • Develop and enforce security policies for corporate and guest wireless networks, ensuring segmentation, use of secure authentication protocols and encryption methodology.
• DNS Security:
  • Design and implement secure DNS architecture utilizing DNSSEC or private DNS Services.
• Security Information and Event Management:
  • Lead the design and tuning of the enterprise SIEM.
  • Lead the design and tuning of device log integration into enterprise SIEM.
  • Develop advanced correlation rules, alerts, dashboards and reporting to identify, prioritize and track security threats and anomalies.
• Incident Response:
  • Develop, maintain and test the OCSD Incident Response Plan and playbooks.
  • Act as a lead resource during critical security incidents, providing technical expertise to guide the incident response lifecycle (Preparation, Detection, Containment, Eradication, Recovery, Lessons Learned).
  • Conduct post‑incident reviews to identify architectural gaps and define immediate and long‑term security enhancements.
• Regulatory Compliance – Criminal Justice Information Services (CJIS):
  • Ensure all security architectures, policies and operational procedures strictly comply with local, state and federal mandates, specifically the CJIS requirements.
  • Create and maintain enterprise‑wide security standards, security control baselines, and reference architecture to dictate how technology is securely implemented across the organization.
  • Conduct regular security assessments to identify control deficiencies and define remediation strategies.

Qualifications

• Minimum Education/Experience:
  • BS in Cybersecurity or related technical field, 7+ years relevant industry experience.
  • MS in Cybersecurity or related technical field, 5+ years relevant industry experience.
  • PhD in Cybersecurity or related technical field with 4+ years industry experience.
• Required Certifications: Certified Information Systems Security Professional (CISSP) or GIAC Reverse Engineering Malware (GREM) or similar.
• Professional experience providing expert technical leadership in support of a Security Operations Center (SOC) or similar organization that provides cyber security services.
• Strong understanding of Palo Alto Networks architecture and technologies. Expertise with Palo Alto Networks firewalls, intrusion prevention systems and other security products.
• Experience with network security design, deployment, and maintenance.
• Experience with troubleshooting security issues.
• Experience with providing support to users.
• Excellent communication and interpersonal skills.
• Strong Project Management.
• Ability to work independently and as part of a team.
• Ability to work under pressure and meet deadlines.
• Ability to work overtime as requested.
• Ability to work flexible hours including weekends and overnight.
• Ability to manage multiple projects simultaneously.

Pay Transparency

The typical base pay for this role across the U.S. is $75.00 - $80.00/hour. Non‑exempt positions are eligible for overtime at a rate of 1.5 times the base hourly rate for all hours worked in excess of 40 in a work week, or as required by state or local law. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience. Full‑time employees are eligible to select from different benefits packages.