On-Prem Security Architect

• Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related technical discipline.
• Minimum 5 years of experience in a similar cybersecurity or infrastructure security role.
• Advanced expertise in network security technologies, including NGFW platforms such as Palo Alto and Fortinet, as well as secure IT/OT segmentation design.
• Expert-level knowledge of securing Windows and Linux server environments, including protection of legacy infrastructure.
• Hands-on experience implementing and optimizing endpoint protection solutions (EDR/Antivirus) and Network Access Control (NAC) systems.
• Practical understanding of immutable backup architectures and Public Key Infrastructure (PKI) management.
• Knowledge of emerging AI-related threats and security considerations for physical compute infrastructure supporting local LLM environments.
• Strong English communication skills.

Nice to have:

• Industry certifications related to network security, infrastructure security, or cybersecurity architecture.
• Experience working in regulated or critical infrastructure environments.

• Design and oversee secure IT/OT network segmentation architectures to ensure isolation of critical production and operational environments.
• Develop and maintain secure configuration standards for Next-Generation Firewalls (NGFW) and enterprise network infrastructure.
• Design ransomware-resilient backup architectures ensuring business continuity and compliance with NIS2 requirements.
• Lead the implementation and standardization of Network Access Control (NAC) solutions across the organization.
• Implement and supervise AI-driven systems for predictive anomaly detection and incident identification within on-premises environments.
• Secure physical compute infrastructure, including GPU clusters and servers used for training and hosting local AI/LLM models.
• Perform threat modeling for on-premises infrastructure and propose appropriate technical security controls and mitigations.
• Collaborate with IT teams to remediate critical vulnerabilities in local systems based on risk analysis and security assessments.