Home / Careers / IT Security Architect
Open Position

IT Security Architect

Design the security architectures that protect government agencies, energy operators, and mission-critical organizations. This is a senior contract role for architects who can translate complex business and regulatory requirements into technically sound, implementable security designs — across on-prem, cloud, and hybrid environments.

Contract Remote Architecture
Apply for This Position

Role Overview

NetworkSharks is seeking an IT Security Architect on a contract basis to support our architecture and advisory practice. You will work directly with our clients — government departments, energy companies, and critical infrastructure operators — to design secure enterprise architectures, develop Zero Trust strategies, and produce the technical documentation that translates security requirements into implementable designs.

This is a client-facing role. You will engage with IT directors, infrastructure teams, security leads, and executive stakeholders. You will produce architecture diagrams, reference architectures, implementation guidance, and decision-support documentation that directly shapes how our clients build and secure their environments. Your work will be visible, consequential, and held to a high standard of technical rigor.

Key Responsibilities

  • Design secure enterprise and hybrid-cloud security architectures aligned to client business requirements and regulatory obligations
  • Develop Zero Trust strategies and reference architectures based on NIST SP 800-207 and Microsoft Zero Trust principles
  • Design network segmentation and microsegmentation models including VLAN architecture, east-west traffic control, and perimeter design
  • Create secure remote access architectures — VPN, ZTNA, and privileged access workstation design
  • Advise on identity-centric security architecture including Microsoft Entra ID, IAM, PAM, MFA, SSO, and PKI
  • Integrate security controls across on-premises, Azure, and hybrid environments
  • Define logging, monitoring, and SIEM integration patterns for enterprise-scale environments
  • Review and assess existing firewall, NAC, VPN, IAM, and endpoint architectures — identifying gaps and producing remediation guidance
  • Produce architecture documentation including logical/physical diagrams, standards documents, and implementation roadmaps
  • Support secure cloud migration planning for Microsoft Azure deployments in regulated environments
  • Collaborate with engineering, operations, and leadership teams to ensure designs are achievable and aligned to organizational capacity

Required Technical Skills

  • Deep expertise in security architecture across network, identity, endpoint, and cloud domains
  • Strong knowledge of Zero Trust architecture — NIST SP 800-207, Microsoft Zero Trust, and practical implementation patterns
  • Microsoft Azure security architecture — Entra ID, Defender for Cloud, Sentinel, Azure Firewall, and conditional access
  • Enterprise network security — NGFW (Palo Alto, Fortinet, Cisco), SD-WAN, IDS/IPS, NAC, 802.1X, BGP, OSPF
  • Identity architecture — Active Directory, Entra ID, PAM (CyberArk, BeyondTrust), MFA, PKI
  • Architecture diagramming — Visio, draw.io, Lucidchart, or equivalent
  • Experience translating regulatory requirements (NIST SP 800-53, ISO 27001, ITSG-33) into technical control specifications

Preferred Qualifications

  • SABSA, TOGAF, or equivalent enterprise architecture certification
  • CISSP, CCSP, or Microsoft Certified: Azure Security Engineer Associate
  • Experience delivering architecture engagements for federal or provincial government clients
  • Familiarity with Canadian government security standards — ITSG-33, Protected B/C requirements, GC SBOM
  • Experience with OT/IT convergence architecture and industrial DMZ design

Experience Requirements

  • Minimum 8 years of IT/security experience with at least 4 years in a dedicated architecture role
  • Portfolio of delivered architecture engagements — reference architectures, design documents, or implementation standards
  • Demonstrated experience advising senior stakeholders and translating business risk into technical design decisions

What Success Looks Like

  • Your architectures are technically sound, implementable, and aligned to the client's regulatory and operational context
  • Clients adopt your designs and reference them as standards for future work
  • Your documentation is precise, complete, and requires minimal revision — engineering teams can implement from your deliverables
  • You identify architectural risk that internal teams missed and propose solutions that are practical, not theoretical
  • Your work directly enables clients to make confident, well-documented security investment decisions

Why Join NetworkSharks

Architecture work at NetworkSharks is real. We don't produce reference architectures that sit on a shelf — our clients implement them in production environments that carry regulatory and operational weight. You will work on environments where the design decisions matter, where your technical judgment is respected, and where the output directly shapes how an organization defends itself. If you are an architect who wants to work on challenging, consequential problems with clients who take security seriously, this engagement is worth your time.

Position Details

  • Contract
  • Remote
  • Architecture Practice
  • Client-facing
  • Clearance asset

Architecture Domains

  • Zero Trust / NIST 800-207
  • Cloud Security (Azure)
  • Identity & Access Architecture
  • Network Security Design
  • Endpoint & Detection

Technologies

  • Microsoft Azure / Entra ID
  • Palo Alto / Fortinet / Cisco
  • CyberArk / BeyondTrust
  • Microsoft Sentinel
  • SD-WAN / NGFW / NAC

Senior architect with enterprise security depth? Let's talk.

Apply Now

Ready to Apply?

Submit your application for the IT Security Architect contract role. All applications are reviewed confidentially.

Apply for This Position View All Openings