"Alerted.org

Job Description Summary

At GE Aerospace, we are committed to delivering next-generation network security solutions aligned with Zero Trust principles to safeguard our digital infrastructure. We are seeking a highly skilled Senior Staff Network Architect to lead the evolution of our perimeter security — from managing today’s firewall and policy automation platforms (e.g., AlgoSec) to driving the adoption of Zscaler and complementary Zero Trust edge technologies, including Web Application Firewalls (Cloudflare). This pivotal role will ensure the security, scalability, and resilience of our global network as we transition from traditional firewalls to a modern, cloud-delivered security edge. The architect will also oversee and hold accountable our operational services provider to ensure consistent, high-quality delivery of security operations.

Job Description

Position Summary

The Senior Staff Network Architect will be responsible for the comprehensive lifecycle management of existing firewall systems while architecting our Zero Trust future. This includes designing, deploying, and eventually reducing dependency on traditional firewalls as Zscaler and other Zero Trust-aligned solutions — such as WAFs for application-layer protection — become the foundation of network security at GE Aerospace. The role requires extensive experience in networking and security architecture, coupled with a forward-looking mindset to drive adoption of modern, cloud-based security services.

In addition, the architect will oversee and manage external operational services partners, holding them accountable for operational excellence, compliance, and alignment with GE Aerospace’s security strategy.

Key Responsibilities

+ **Zero Trust & Network Edge:** Define and execute the roadmap to transition from traditional firewalls to Zscaler (ZIA/ZPA) and integrate WAF solutions such as Cloudflare to strengthen application and user access security.

+ **Firewall & WAF Lifecycle Management:** Lead design, deployment, and lifecycle management of enterprise firewalls and WAFs, while planning for reduced reliance on traditional firewalls as Zero Trust adoption scales.

+ **AlgoSec Oversight:** Leverage AlgoSec for firewall policy automation and optimization during the transition, ensuring policy consistency across environments.

+ **Operational Services Oversight:** Manage and hold accountable the operational services provider (MSSP/partners) to ensure service delivery meets SLAs, compliance requirements, and quality standards. Provide governance, escalations, and direction for continuous improvement.

+ **Integration & Migration:** Architect hybrid models where firewalls, Zscaler, and WAFs coexist, ensuring secure and seamless migration of applications, sites, and users.

+ **Collaboration & Leadership:** Partner with internal stakeholders, external MSSPs, and technology providers to ensure effective rollout of Zero Trust and WAF-based security. Provide technical leadership and direction to influence enterprise strategy.

+ **Security Policy & Compliance:** Develop policies and configurations that reflect Zero Trust principles, least-privilege access, and regulatory requirements for aerospace and defense.

+ **Performance & Monitoring:** Establish monitoring frameworks for firewalls, Zscaler services, WAFs, and MSSP performance to ensure visibility, availability, and rapid incident response.

+ **Documentation & Knowledge Transfer:** Maintain comprehensive documentation of both legacy and modern security architectures. Mentor junior engineers on evolving technologies and approaches

Education Qualifications:

+ Bachelor’s degree from accredited university or college with minimum 5 years of professional experience

+ OR associate’s degree with minimum 8 years of professional experience

+ OR High School Diploma with minimum 10 years of professional experience

+ Military experience equivalent to professional experience

Technical Skills:

+ Extensive experience in network architecture and security, including design and management of large-scale firewall deployments.

+ Demonstrated expertise with Zero Trust networking, including Zscaler ZIA/ZPA.

+ Strong experience with Web Application Firewalls (e.g., Cloudflare) for application-layer protection.

+ Strong understanding of network protocols, routing, segmentation, identity-driven access, and security best practices.

+ Proficiency in AlgoSec or similar tools for firewall policy automation.

+ Experience in managing and holding accountable MSSPs or outsourced operational partners.

+ Familiarity with FedRAMP, CMMC, and NIST 800-171 compliance requirements.

Soft Skills:

+ Strong leadership, influencing, and collaboration skills across diverse teams.

+ Excellent problem-solving and analytical abilities.

+ Clear, concise communication with executive stakeholders and engineers alike.

+ Ability to govern vendors/partners and hold them accountable to delivery standards.

Certifications:

+ Highly desirable: CISSP, CISM, CCNP Security, Palo Alto PCNSE, Zscaler Certified Cloud Professional (ZCCP), Cloudflare Certified WAF Specialist, or equivalent credentials.

Additional Information

GE Aerospace offers a great work environment, professional development, challenging careers, and competitive compensation. GE Aerospace is an Equal Opportunity Employer (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE Aerospace will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

**Relocation Assistance Provided:** No

\#LI-Remote - This is a remote position

GE Aerospace is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.