New

CyberSecurity Engineer/Hands On Architect

TEKsystems
$80.00 - $95.00 / hr
life insurance, sick time, 401(k), retirement plan
United States, California, Orange
Mar 27, 2026
Description Pre Screen Questions must be documented and added to submittal 1. Have you consolidated multiple firewall vendors or devices? Please list vendor experiences. 2. What's the largest or most complex network environment you've architected or secured? 3. Have you architected Zero Trust or network segmentation before? Please list vendor and security framework/standard. 4. Please list any firewall migrations or redesigns you have completed including platforms involved and challenges faced. 5. Please list VPN deployment experience (integration with ID providers, site-to-site, remote access, 3rd party vendor VPN connections, etc.) 6. Please list Wireless Security Experience (design and secure corporate wireless, IOC or BYOD) 7. Please list any projects for architecting Cybersecurity SIEM solutions. 8. Please list projects where you were responsible for overall security architecture including framework alignment. 9. Any experience with Cybersecurity architecting for CJIS, DOD or Federal government? Position Overview SAIC is seeking a Cybersecurity Architect to support the Orange County Sheriff's Department. This role provides expert technical leadership and oversees the design, development, and implementation of enterprise-wide security architecture to protect OCSD systems, data, and assets. The position is fully onsite and supports mission-critical public safety operations requiring high reliability, compliance with CJIS, and advanced security engineering. Key Responsibilities Palo Alto Networks Security Engineering Design, implement, and manage Palo Alto NGFWs, Panorama, and security services (Wildfire, Threat Prevention, URL Filtering, AV). Develop and enforce rule sets, policies, and Zero Trust-aligned segmentation. Serve as the SME for all Palo Alto engineering, configuration, and troubleshooting. Network Security Architecture Architect secure VPN solutions (GlobalProtect, sitetosite, MFA). Design and secure wireless environments for corporate, guest, and BYOD/IoT. Build secure DNS infrastructure (DNSSEC or private DNS models). SIEM Architecture & Operations Lead design, deployment, and tuning of the enterprise SIEM. Integrate logs, build correlation rules, dashboards, and monitoring use cases. Incident Response Develop and maintain the Incident Response Plan and playbooks. Lead technical response during critical cybersecurity incidents. Conduct postincident analysis and recommend security improvements. Compliance & Governance Ensure architecture and operations comply with CJIS and applicable state/federal requirements. Create and maintain security standards, baselines, and reference architectures. Conduct regular security assessments and guide remediation efforts. Required Qualifications Education & Experience BS in Cybersecurity or related field + 7 years' experience OR MS + 5 years OR PhD + 4 years Certifications (Required) CISSP, GCIH, CEH, GREM, or equivalent. Technical & Professional Skills Expert-level experience with Palo Alto Networks technologies. Strong background in enterprise network security, segmentation, and Zero Trust. Experience supporting SOC environments and incident response operations. Strong SIEM engineering experience. Excellent communication, documentation, and project leadership skills. Ability to work independently, manage multiple projects, and operate under pressure. Flexible to support after-hours or weekend changes when required. "We leveraged User-ID in Panorama to correlate IP addresses to users during investigations, which helped us identify compromised accounts or lateral movement attempts." "I tuned the password spray rule by adding user-count thresholds and trusted IP exclusions to reduce MFA-related false positives." "In Cortex, I focus on BIOCs and incident correlation that combine endpoint behavior, firewall telemetry, and identity context. I tune detections to only alert when behaviors chain together, then automate containment via XSOAR." "I onboarded multiple Palo Alto firewalls into Panorama and structured them using device groups for policy hierarchy and templates for network and system configuration. Shared objects lived at the top level, with environment-specific rules handled in child device groups." "All security policies were created and validated in Panorama. I used pre-rules for global enforcement and post-rules for site-specific exceptions, then performed policy-only commits and pushes to limit blast radius." "During incident triage, we used Panorama's Traffic, Threat, and WildFire logs to quickly validate malicious activity, identify impacted sources and destinations, and understand whether the firewall blocked or allowed the traffic." "After incidents, I reviewed Panorama policy usage and logs to identify gaps, tightened overly permissive rules, and added new App-ID-based controls to prevent recurrence." List of Prescreening Questions: 1. Have you consolidated multiple firewall vendors or devices? Please list vendor experiences. 2. What's the largest or most complex network environment you've architected or secured? 3. Have you architected Zero Trust or network segmentation before? Please list vendor and security framework/standard. 4. Please list any firewall migrations or redesigns you have completed including platforms involved and challenges faced. 5. Please list VPN deployment experience (integration with ID providers, site-to-site, remote access, 3rd party vendor VPN connections, etc.) 6. Please list Wireless Security Experience (design and secure corporate wireless, IOC or BYOD). 7. Please list any projects for architecting Cybersecurity SIEM solutions. 8. Please list projects where you were responsible for overall security architecture including framework alignment. 9. Any experience with Cybersecurity architecting for CJIS, DOD or Federal government? Skills Endpoint Security, Palo Alto Firewall, Endpoint Detection Response, DNS Security, CyberArk, Entra ID, Cisco ISE, Security architecture, Cyber security, Information security Top Skills Details Endpoint Security,Palo Alto Firewall,Endpoint Detection Response,DNS Security,CyberArk,Entra ID,Cisco ISE,Security architecture,Cyber security,Information security Additional Skills & Qualifications * Minimum Education/Experience: BS in Cybersecurity or related technical field, 7+ years relevant industry experience, or MS in Cybersecurity or related technical field, 5+ years relevant industry experience, or PhD in Cybersecurity or related technical field with 4+ years industry experience. Additional Qualifications: * Professional experience providing expert technical leadership in support of a Security Operations Center (SOC) or similar organization that provides cyber security services. * Strong understanding of Palo Alto Networks architecture and technologies. Expertise with Palo Alto Networks firewalls, intrusion prevention systems and other security products. * Experience with network security design, deployment, and maintenance. * Experience with troubleshooting security issues. * Experience with providing support to users. * Excellent communication and interpersonal skills. * Strong Project Management * Ability to work independently and as part of a team. * Ability to work under pressure and meet deadlines. * Ability to work overtime as requested. * Ability to work flexible hours including weekends and overnight * Ability to manage multiple projects simultaneously Clearance The selected applicant will be subject to the OCSD background check process as well as basic Live Scan background checks for SAIC. A polygraph exam may be required if deemed necessary during the background check. Experience Level Expert Level Job Type & LocationThis is a Contract to Hire position based out of Orange, CA. Pay and BenefitsThe pay range for this position is $80.00 - $95.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) Workplace TypeThis is a fully onsite position in Orange,CA. Application DeadlineThis position is anticipated to close on Mar 31, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.