Senior Security Architect

Sr. Security Architect- Santa Ana, CA

**Must be strictly local and open to onsite work

**Must be open to W2/1099 contracts (NO C2C)

Important Skills:

IDEAL CANDIDATE PROFILE:

• Well-rounded security professional with hands-on experience and strong foundational security knowledge.
• Certifications such as CISSP are highly preferred.
• Candidates should be able to confidently answer architectural questions (e.g., SIEM recommendations and design rationale).
• Prior experience leading migrations is helpful, but hands-on participation is critical.

Role overview and expectations:

• This is a senior-level Security Architect role requiring a strong foundation in network security and security infrastructure.
• Many candidates have solid network security backgrounds but lack true security architecture experience and exposure across multiple environments/verticals.
• The client is looking for hands-on architects who are comfortable configuring and implementing solutions themselves—not purely advisory.
• Some candidates lean heavily toward compliance but are weaker in architecture and technical design.
• Cybersecurity concepts such as Incident Response, SIEM technology, O365 Security Architecture and Policy administration and SIEM Engineering
• Cisco networking (switches, routers, firewalls, WLCs, VPNs)
• Security and compliance (CJIS, NIST, NAC, incident response, audit readiness)
• Network monitoring & management (SolarWinds, NetFlow, SNMP, ACLs, QoS)
• Leadership and mentoring (SME guidance, staff training, documentation)
• Strong architecture and documentation skills are more important than direct XSIAM experience.
• Experience with security operations (XDR/XSIAM) is a plus, but not mandatory.
• OC Sheriff is a Palo Alto XSIAM customer.
• XSIAM is relatively new and less common than Splunk or traditional SIEM/XDR tools.
• Palo Alto acquired XSIAM through the IBM QRadar install base acquisition.
• Splunk remains dominant, with Microsoft Sentinel growing in adoption.
• Finding candidates with direct, recent XSIAM experience may be challenging.
• Recent security architecture experience
• Hands-on Palo Alto expertise
• Strong documentation abilities
• Other skills are considered nice-to-haves
• A “true” Security Architect with a strong foundation should cover 80–90% of the requirements
• The Security Architect must act as a bridge between:
• Technical teams
• Management
• Executive leadership
• Must be able to translate technical concepts into clear, non-technical explanations.
• Recent, hands-on experience “in the trenches” is critical.
• Candidates must demonstrate:
• Strong documentation skills
• Ability to design, implement, and explain firewall and security architecture
• Quote from client sentiment:

“If you can’t document, that’s just as unhelpful as someone who hasn’t touched a firewall in a while.”

• Ideal candidates can both manage and configure, and clearly articulate:
• Migration steps (e.g., firewall-to-firewall)
• Network and security architecture designs
• Looking for candidates who:
• Have actively participated in migrations
• Have recent keyboard-level experience
• Can clearly explain technical steps and decisions

Tech Stack:

Palo Alto Technologies (Deep technical knowledge, certification)

Palo Alto Panorama

Palo Alto Cortex EDR

Palo Alto Cortex XSOAR

Palo Alto Prisma Cloud Service

Palo Alto NGFW

CyberArk

Cisco ISE

AWS, Azure

Azure Entra ID

ServiceNow

Tenable Vulnerability Management

Terraform

Microsoft O365

• Networking & Security Devices: Cisco switches, routers, firewalls, WLCs, VPNs
• Network Access & Security: Cisco ISE (NAC), endpoint access policies, firewall rule management
• Monitoring & Logging: SolarWinds, NetFlow, SNMP
• Standards & Compliance: CJIS, NIST, departmental security policies
• Certifications & Training: CCNA/CCNP pathways, internal staff coaching, SOPs and documentation

Important Soft Skills:

• Strong Communication: Clear verbal and written skills for training, documentation, and reporting.
• Leadership & Mentoring: Ability to guide IT staff, serve as SME, and lead knowledge transfer.
• Attention to Detail: Accurate compliance, audit documentation, and security implementation.
• Problem-Solving & Analytical Thinking: Troubleshoot complex network/security issues and perform forensic analysis.
• Collaboration & Teamwork: Work effectively with cybersecurity teams, IT staff, and operations.
• Initiative & Proactivity: Anticipate issues, take ownership of deployments, and improve processes.
• Confidentiality & Professionalism: Handle sensitive information responsibly and maintain discretion.

Day in the Life:

This role is a hands-on, highly technical, and leadership-oriented position supporting OC Sheriff’s IT and security operations through SAIC. A typical day may include:

• Security, Compliance, and Audit Readiness
• Monitoring network security controls to ensure alignment with CJIS, NIST, and internal policies.
• Updating and managing firewall rules, NAC solutions (like Cisco ISE), and endpoint access policies.
• Assisting the cybersecurity team with incident detection, forensic analysis, and mitigation strategies.
• Preparing documentation and evidence for audits and compliance reviews.
• Implementation, Operations, and Support
• Deploying, upgrading, and troubleshooting network equipment, including Cisco switches, routers, firewalls, WLCs, and wireless endpoints.
• Configuring and managing VPNs, QoS, ACLs, network monitoring, and logging systems (e.g., SolarWinds, NetFlow, SNMP).
• Responding to incidents and ensuring network reliability and security.
• SME Leadership and Staff Development
• Acting as the subject matter expert (SME) for enterprise security, providing guidance to IT staff and leadership.
• Training, mentoring, and coaching junior and mid-level technicians on network security and operational best practices.
• Creating SOPs, how-to guides, and documentation to support internal staff and ongoing operations.
• Supporting staff in professional development and certification paths (e.g., CCNA/CCNP).
• Additional Responsibilities
• Completing other tasks related to network security, operations, and support as assigned by OC Sheriff.

In essence: The day blends technical hands-on network and security work, proactive monitoring and incident response, compliance documentation, and leadership/mentoring of internal staff. It requires both deep technical expertise and the ability to communicate, guide, and educate others effectively.

Certifications:

The JD explicitly mentions supporting staff in preparation for CCNA/CCNP certifications, which suggests these are encouraged but not mandatory.

Candidates with relevant hands-on experience in Cisco networking, firewall management, and CJIS/NIST compliance could qualify even without certifications.

Years of Experience:

The role is senior-level, combining hands-on technical expertise with leadership and compliance knowledge. A reasonable expectation would be 7–10 years of combined network engineering and cybersecurity experience, with demonstrated exposure to government or public safety environments being highly valuable.

Best Regards.

Sara RG,

DRS IT Solutions, Inc

28175 Haggerty Road,

Novi, MI 48377

(C) 248-440-7600 EXT -4

sara@drsitsolutions.com