Network and Cybersecurity Architect

Expert In Recruitment Solutions

Albany, NY, NY

JOB DETAILS
SALARY
$80–$88 Per Hour
SKILLS
Access Control, Authentication, BGP, Capacity Management, Capacity and Performance Management, Computer Security, DNS (Domain Name System), Diversity, Documentation, Failover, Firewall Administration, Firewalls, Identity Data Management, Intellectual Property Analysis, Internet Security, Interoperability, Intrusion Detection Systems, Intrusion Prevention Systems, National Agency Clearance, Network Access Control (NAC), Network Architecture/Engineering, Network Configuration Management, Network Design, Network Integration, Network Performance/Analysis, Network Routing, Network Scalability, Network Security, Network Support, Network Switching, Open Shortest Path First Protocol (OSPF), Operational Strategy, Operations Processes, Operations Security (OPSEC), Performance Management, Performance Tuning/Optimization, Proof of Concept, Reliability Engineering, Remote Access, Routing Protocols, Security Analysis, Security Architecture, Security Attacks, Security Information and Event Management (SIEM), Strategic Planning, Support Documentation, Technical Leadership, Technical Support, Technical Writing, Technology Analysis, Telemetry, VPN (Virtual Private Network), Vendor/Supplier Evaluation, Wide Area Network (WAN)
LOCATION
Albany, NY, NY
POSTED
30+ days ago
JOB TITLE: Network and Cybersecurity Architect
EMPLOYMENT TYPE: Long-term Contract
LOCATION DETAILS: Albany, NY (5 days per week onsite)

Rate: $80-88/Hr C2C - Only Local and USC/GC - USC preffered.

The Network and Cybersecurity Architect will be responsible for developing, documenting, and implementing current and future state network and cybersecurity architectures, recommending technologies and standards, improving performance and resilience, and helping ensure that designs aligns with cybersecurity and operational requirements. This role requires strong knowledge of enterprise and industrial networking, routing and segmentation, security architecture, and the operational realities of critical infrastructure environments.

This position will also contribute to the architecture, engineering, and integration of cybersecurity capabilities commonly required in modern transportation and OT networks, including EDR, SIEM, firewalls, VPNs, IAM, NAC, vulnerability management, and related security controls.

Key Responsibilities
Network Design and Planning
  • Develop and document network architectures that support the current and future needs of Regional TMCs, the STICC, and associated ITS, OT, and business environments.
  • Evaluate, recommend, and configure network technologies and solutions, including WAN routing protocols such as OSPF and BGP, segmentation strategies, and resilient communications designs.
  • Plan and support execution of consolidation and modernization initiatives to improve performance, maintainability, and operational efficiency.
  • Define current state and future state network and cybersecurity architectures, standards, and roadmaps.
  • Create and maintain architecture diagrams, data flow diagrams, and supporting technical documentation.

Security Architecture and Cybersecurity Engineering
  • Work closely with the NYSDOT CISO to develop and implement comprehensive network and cybersecurity strategies.
  • Recommend and deploy security designs that protect critical ITS and OT assets from cyber threats while preserving operational availability and safety.
  • Lead or support vulnerability assessments of external IP addresses, internal network segments, and security architecture exposures, and develop remediation plans.
  • Integrate threat intelligence feeds from MS-ISAC, NYSOC, and other approved sources into architectural and operational security processes.
  • Design and configure recommendations for firewalls, VPNs, network segmentation, zero trust approaches, and secure remote access to sensitive environments.
  • Support engineering and design decisions related to endpoint detection and response (EDR) platforms, ensuring endpoint telemetry and response capabilities are appropriately integrated with network and security operations.
  • Support SIEM integration and design by helping ensure logs from network devices, firewalls, VPN concentrators, NAC systems, and security appliances are properly captured, normalized, and usable for monitoring and response.
  • Contribute to the design and improvement of identity and access management (IAM) controls for administrative access, remote access, privileged access, and service authentication.
  • Provide design guidance and configuration for network access control (NAC) solutions to improve device visibility, policy enforcement, and segmentation.
  • Support secure design and placement of IDS/IPS, DNS security controls, secure management plane access, and monitoring infrastructure.

Technology Evaluation and Implementation
  • Research and evaluate emerging networking and cybersecurity technologies and assess their applicability to the ITS and OT environment.
  • Develop proof-of-concept initiatives and pilot programs to validate new technologies and approaches before broader deployment.
  • Provide technical leadership and architectural guidance to network engineers and other technical staff.
  • Evaluate vendor solutions for security, operational fit, lifecycle support, and interoperability with existing infrastructure.

Network Optimization and Performance Management
  • Analyze network performance, utilization, and operational data to identify opportunities for optimization.
  • Develop strategies to improve network reliability, scalability, resilience, and security.
  • Support capacity planning, lifecycle planning, redundancy design, and performance tuning.
  • Recommend improvements to routing, switching, segmentation, path diversity, and failover design.
  • Help ensure that monitoring, alerting, and observability capabilities are aligned with operational and security needs.

About the Company

E

Expert In Recruitment Solutions