Solutions Architect
Indexed description
The State of Connecticut Judicial Branch is seeking a Solution Architect for the Information Technology Cybersecurity unit to supportthe Branch's cybersecurity, firewall, network security, and compliance initiatives. This is a highly complex Information Technology (IT) environment supporting mission-critical systems that require senior-level cybersecurity expertise. The successful candidate will beresponsible for designing, assessing, hardening, and securingthe Judicial Branch's infrastructure while ensuring compliance with CJIS Security Policy, NIST SP 800-53 Rev. 5, IRS Publication 1075, and other applicable cybersecurity standards.
The selected candidate will provide technical leadership for Palo Alto and Cisco security technologies, assist with the deployment of Palo Alto Prisma Access and ION appliances for the Branch's Secure Access Service Edge (SASE) initiative, perform comprehensive security assessments, and develop remediation plans to strengthen the overall security posture of the Judicial Branch
.Scope of Service
s
The scope of services requiredfor the Cybersecurity Network Security Architectinclude
- s:Expert-level design, implementation, administration, and optimization of Palo Alto Networks firewalls, Panorama, GlobalProtect, Prisma Access, and ION appliance
- s.Expert-level implementation, hardening of Cisconetworking and securityinfrastructur
- e.Perform security hardeningof Palo Alto and Ciscoinfrastructure in accordance with CJIS Security Policy, NIST SP 800-53 Rev. 5, IRS Publication 10
- 75Perform security assessments of firewalls, Azureenvironments, network infrastructure, enterprise applications, and supporting system
- s.Develop Plans of Action and Milestones (POA&Ms) based on assessment findings and provide remediation recommendation
- s.Review firewall rule bases, networksegmentation, VPN configurations, routing, and remote access architectures to ensure security and complianc
- e.Assist with the design and deployment of Palo Alto Prisma Accessand ION appliances supporting remote office connectivity and Secure Access Service Edge (SASE
- ).Evaluate Azure networking and security configurations to ensure secureintegration with hybrid infrastructur
- e.Design, implement, and optimize Azure ExpressRoute, routing,and Palo Alto cloud firewall connectivity for secure hybrid environment
- s.Perform risk assessments and configuration reviewsagainst CJIS SecurityPolicy, NIST SP 800-53 Rev. 5, IRS Publication 1075, and Judicial Branch security standard
- s.Work closely with infrastructure, networking, cloud, and application teams to remediate security finding
- s.Assist with audit preparation and support for CJIS, IRS, and other regulatory compliance assessment
- s.Develop technical documentation, architecture diagrams, assessment reports, and executive summarie
s.
Minimum Qualificati
ons
In additionto the standard skills and experience for the job class, the ideal candidate should be prepared to discuss the follow
ing:General Experi
- ence8+ years of expert-level hands-onexperience with Cisco networking and security technolog
- ies.6+ years of expert-level hands-onexperience with Palo Alto Networksfirewalls and security platfo
- rms.Demonstratedexperience implementing cybersecurity best practices withinhighly available enterprise environme
nts.Technical Competen
- cies
Expert knowledge of Palo Alto Networks NGFW, Panorama, GlobalProtect, Prisma Access, and ION applia - nces.Expert knowledge of Cisco routing,switching, VPN, firewall,and network security technolo
- gies.Experience hardening networkinfrastructure to CJIS Security Policy,NIST SP 800-53 Rev. 5, IRS Publication 1075, and security best pract
- ices.Experience performing cybersecurity risk assessments and developing POA&am
- p;Ms.Experience performing firewall, network, Azure,and application securityassessm
- ents.Strong understanding of Zero Trust architecture, networksegmentation, secure remote access, and Secure Access Service Edge (S
- ASE).Experience securingMicrosoft Azure networking and cloud infrastruc
- ture.Experience reviewing firewallpolicies, VPN configurations, routing, and network segmenta
- tion.Excellent writtenand verbal communication sk
- ills.Experience preparing technicaldocumentation and presenting findings to technicaland executive audie
- nces.Palo Alto Networks and Cisco securitycertifications are highlydesir
- able.CISSP, CISM, or equivalent cybersecurity certification is prefe
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search