• Senior Network Perimeter Security Architect

    ABM Industries (Atlanta, GA)


    Overview

    Responsibilities:

    In the role of the Sr. Network Perimeter Security Architect, you will:

     

    + This position is also responsible for architecting solutions to secure business-to-business initiatives, third-party relationships, outsourced solutions, and vendors.

    + Design and maintain the enterprise’s perimeter security architecture, including firewalls, secure web gateways, VPNs, proxies, and DDoS mitigation.

    + Evaluate and recommend next-generation firewall (NGFW) and threat prevention technologies.

    + Lead architecture reviews and risk assessments for new network and cloud deployments.

    + Develop and enforce security standards, policies, and procedures related to perimeter defense.

    + Collaborate with network engineering, cloud operations, SOC, and application security teams.

    + Provide expert-level guidance on secure network segmentation, micro segmentation, and zero trust principles.

    + Lead security architecture initiatives in hybrid cloud environments, integrating on-prem, virtual, and cloud and native controls.

    + Evaluate new security tools, conduct POCs, and lead deployment strategies.

    + Respond to and analyze security incidents involving perimeter technologies.

    + Support regulatory and compliance initiatives (e.g., PCI DSS, HIPAA, ISO 27001, NIST).

    + Mentor junior team members and provide technical leadership across projects.  Proactively analyze, identify, and resolve performance bottlenecks.

    + Assist with strategy, implementation and recovery point/time objective for business continuity and disaster recovery.

    + Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact on services.

    + Form relationships with colleagues in operations, software development and risk management.

    + Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.

    + Attend project and implementation meetings and advise on secure application and infrastructure configurations.

    + Be willing to work nonstandard business hours for projects, business impact issues and incident response.

    + Assist in the definition of the strategy and technology roadmap for Network Security Architecture, assess, and deliver fit for purpose technical security solutions.

    + Identify, plan, and execute needed security changes to existing methods and techniques used throughout the organization.

    + Lead projects and initiatives with broad scope and high impact to the business and be a recognized expert in Network Security.

    + Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud infrastructure and applications.

    + Maintain detailed documentation, including diagrams, configurations, and procedures.

    + Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact on services.

    Technical Qualifications:

    + Familiarity with Azure and AWS

    + SaaS solutions such as Salesforce, Workday, and Office 365, SAP, OCF

    + Identity and Access Management (IAM) platforms and related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth

    + Experience with cloud-based security platforms (ZTNA)

    + Understanding corporate network monitoring and security and common network protocols such as TCP/IP, VLANS, DNS, DHCP, radius, WIFI, Backup

    + Networking and firewalls – CISCO, FortiGate, Checkpoint, Juniper, and/or Palo Alto, Virtual Firewall appliances

    + Experience managing 20+ FW in an Enterprise

    + Experience implementing and managing End-point protection using SCCM

    + Experience with Web-Application Firewalls implementing and managing.

    + Operating systems, including Windows and Linux

    Preferred Qualifications:

    + Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.

    + 7 - 10 years’ experience in IT and security operations, 5 – 7 years in an architecture or lead role with a focus on cyber/perimeter network security.

    + Deep expertise with enterprise-class firewalls (e.g., Palo Alto, Fortinet, Meraki, Cisco ASA/Firepower).

    + Strong understanding of IPS/IDS, SSL decryption, NAC, and secure remote access solutions.

    + Experience with cloud-native security controls across AWS, Azure, or GCP (e.g., security groups, WAFs, transit gateways).

    + Knowledge of routing, switching, VPNs (IPSec, SSL), BGP, and SD-WAN security.

    + Familiarity with zero trust architecture and modern network access models.

    +  Industry certifications such as CISSP, CCSP, CCNP Security, Palo Alto PCNSE, and similar.

    + 5 + years of experience with Cisco Identity Service Engine (ISE) or another 3rd party Network Access Control (NAC) product

    + Capacity to comprehend complex technical infrastructure, managed services, and third-party dependencies.

    + Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).

    + Experience with Automation/Cloud Tools (e.g., Ansible, Terraform, Kubernetes, Puppet, Python, JavaScript, Bash)

    + Enterprise Network Monitoring software experience (SolarWinds Orion)

    + Experience developing strategies for implementation of QoS, and Multicast

    + Experiencing with packet capture and analysis tools, NetFlow, IP SLA, etc.

    Benefit Information:

    ABM offers a comprehensive benefits package. For information about ABM’s benefits, visit:

     

    ABM Employee Benefits | Staff & Management (https://wpe-media.abm.com/wp-content/uploads/2025/ABM\_2025\_Employee\_Benefits\_Staff\_&\_Management\_No%20Date%209.5.24.pdf)

    REQNUMBER: 104222