Cloud Network Security Architect SME (TIC 3.0)
Location: Fully Remote (East Coast)
Clearance: Public Trust, Secret Clearance preferred
Employment Type: Full-time
Salary: $160,000-$190,000
Role Overview
The TIC 3.0 Developer SME will focus on architecting, implementing, and maintaining secure, compliant network environments in AWS with an emphasis on Trusted Internet Connections (TIC) 3.0 principles. This role involves hands-on deployment and management of Palo Alto VM-Series firewalls, infrastructure as code (IaC), hybrid connectivity, and Zero Trust/TIC-aligned security controls, often functioning independently to support federal client requirements.
Responsibilities
- Architect and manage complex AWS network environments to meet TIC 3.0 and federal security standards.
- Deploy and manage Palo Alto VM-Series firewalls in AWS, including configuration of GlobalProtect, Panorama, and security policy orchestration.
- Use Terraform or CloudFormation to deploy major networking components via Infrastructure as Code (IaC), ensuring repeatable, documented, and auditable environments.
- Configure, troubleshoot, and maintain hybrid connectivity solutions, including AWS Direct Connect, Site-to-Site VPNs, and SD-WAN integrations.
- Design and implement Transit Gateway architecture and VPC Peering in multi-account AWS environments.
- Apply Zero Trust principles and TIC 3.0 requirements within AWS and Palo Alto ecosystems to enhance application and network security.
- Serve as the primary (or sole) Network Architect/Engineer responsible for discovery, documentation, design, and execution of network security solutions with minimal supervision.
- Collaborate with stakeholders to ensure secure, compliant network designs that support mission-critical federal applications.
