Principal Network Security & Architect

Firewall, Segmentation, Automation & Monitoring – SLED & MSP

Location: Frederick, MD
Type: Full-Time
Compensation: $115,000 – $170,000 (based on architectural expertise and impact)
Experience Required: 10+ years

Why This Role Exists

Public-sector and small-to-medium business networks are under constant pressure from:

• Ransomware
• Compliance mandates
• Hybrid cloud expansion
• High device density
• Limited internal security resources

We currently support 500+ unique client networks across:

• K-12 school districts
• State, Local, and Education (SLED) organizations
• Municipal facilities
• Small and mid-sized businesses

We manage hundreds of deployed firewalls, including a significant SonicWall footprint.

Flat networks, inconsistent rule sets, and reactive security models are not acceptable.

This role exists to design, standardize, harden, and modernize secure architectures across a large, diverse client base.

This Is Not a Desk-Only Role

This is not a sit-at-home enterprise IT position.

You will:

• Travel to client sites when architecture leadership is required
• Lead design sessions with technical and executive stakeholders
• Validate security designs in production
• Participate in migrations and high-impact cutovers
• Engage directly with customers across multiple states

Travel may include projects throughout:

• West Virginia
• Kentucky
• Ohio
• Maryland / DMV region

This role blends architecture authority with real-world accountability.

MSP & Multi-Client Environment

We are a service-based organization.

You will not manage one static network.

You will work across 500+ distinct environments with:

• Different firewall stacks
• Different switching vendors
• Different compliance expectations
• Different budget realities
• Different levels of technical maturity

Success in this role requires:

• Strong context switching ability
• Sound engineering judgment
• The ability to standardize without oversimplifying
• Comfort operating in diverse environments

If you prefer working inside one stable enterprise network, this is not the right role.

What You’ll Do

Firewall & Security Architecture

• Architect and standardize large-scale SonicWall environments
• Design and deploy next-generation firewalls including:
  • SonicWall
  • Palo Alto
  • Fortinet
  • Cisco
• Develop micro-segmentation and policy-based security models
• Design secure site-to-site and remote VPN architectures
• Harden and optimize firewall configurations
• Lead firewall migrations where appropriate
• Integrate firewall telemetry into monitoring and SIEM platforms

Network Segmentation & Compliance

• Design VLAN, VRF, and policy-driven segmentation strategies
• Reduce lateral movement risk
• Align designs with public-sector compliance expectations
• Develop repeatable security frameworks across clients

Automation & Observability

• Use Python to automate:
  • Configuration validation
  • Rule auditing
  • Deployment consistency
  • Data collection
• Leverage APIs for firewall and device interaction
• Reduce configuration drift
• Improve monitoring and alerting across firewall environments
• Build repeatable, scalable security templates

Hybrid & Cloud Integration

• Architect secure Azure and/or AWS connectivity
• Design hybrid networking environments
• Extend segmentation and policy into cloud workloads

What We’re Looking For

• 10+ years designing and securing enterprise networks
• Deep firewall architecture experience (not just rule management)
• Experience managing and standardizing large firewall footprints
• Strong segmentation and zero-trust design capability
• Practical Python automation experience
• Experience operating within MSP or multi-client environments
• Comfortable serving as final technical escalation point
• Strong documentation and client-facing communication skills
• Willingness to travel when architecture leadership is required

Preferred Certifications

• SonicWall Network Security Professional (SNSP) or equivalent experience
• PCNSE
• Fortinet NSE 5–7
• CCNP / CCIE (Enterprise or Security)
• Azure Networking / Security certifications
• JNCIP / JNCIE

Who This Role Is For

• Architects who think in systems
• Engineers who design security first
• Professionals who automate repetitive processes
• Technical leaders comfortable in front of customers
• Engineers who thrive in complex, multi-client environments

This role carries significant responsibility and impact.
The environments you design and secure protect schools, municipalities, and businesses every day.