Senior Network Perimeter Security Architect

Senior Network Perimeter Security Architect

Join to apply for the Senior Network Perimeter Security Architect role at ABM Industries.

ABM offers a comprehensive benefits package. For information about ABM’s benefits, visit: (link to be added).

ABM is currently seeking an initiative‑taking and experienced Senior Network Perimeter Security Architect. This role is responsible for the leading design, implementation, and management of our enterprise perimeter security infrastructure. Must architect robust defenses against external threats while ensuring scalability, compliance, and accountability for the technical aspects of the enterprise information security architecture, stability, and resiliency related to network security solutions and operational efficiency.

• Design and maintain the enterprise’s perimeter security architecture, including firewalls, secure web gateways, VPNs, proxies, and DDoS mitigation.
• Evaluate and recommend next‑generation firewall (NGFW) and threat prevention technologies.
• Lead architecture reviews and risk assessments for new network and cloud deployments.
• Develop and enforce security standards, policies, and procedures related to perimeter defense.
• Collaborate with network engineering, cloud operations, SOC, and application security teams.
• Provide expert‑level guidance on secure network segmentation, micro segmentation, and zero trust principles.
• Lead security architecture initiatives in hybrid cloud environments, integrating on‑prem, virtual, and cloud native controls.
• Evaluate new security tools, conduct POCs, and lead deployment strategies.
• Respond to and analyze security incidents involving perimeter technologies.
• Support regulatory and compliance initiatives (e.g., PCI DSS, HIPAA, ISO 27001, NIST).
• Mentor junior team members and provide technical leadership across projects.
• Proactively analyze, identify, and resolve performance bottlenecks.
• Assist with strategy, implementation and recovery point/time objective for business continuity and disaster recovery.
• Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact on services.
• Form relationships with colleagues in operations, engineering, software development and risk management.
• Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
• Attend project and implementation meetings and advise on secure application and infrastructure configurations.
• Be willing to work nonstandard business hours for projects, business impact issues and incident response.
• Assist in the definition of the strategy and technology roadmap for Network Security Architecture, assess, and deliver fit for purpose technical security solutions.
• Identify, plan, and execute needed security changes to existing methods and techniques used throughout the organization.
• Lead projects and initiatives with broad scope and high impact to the business and be a recognized expert in Network Security.
• Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud infrastructure and applications.
• Maintain detailed documentation, including diagrams, configurations, and procedures.

• Familiarity with Azure, AWS and GCP.
• SaaS solutions such as Salesforce, Workday, MS Office 365, SAP, OCF.
• Identity and Access Management (IAM) platforms and related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth.
• Experience with Zero Trust Network Access (ZTNA) cloud‑based security platforms, like Zscaler (ZIA/ZPA).
• Understanding corporate network monitoring and security and common network protocols such as TCP/IP, VLANS, DNS, DHCP, BGP, OSPF, RADIUS, WIFI.
• Networking and firewalls – CISCO, Forti Gate, Meraki, Checkpoint, Juniper, Palo Alto, and Virtual Firewall appliances.
• Experience managing 200+ Firewalls in an Enterprise.
• Firsthand experience with VMware NSX, including NSX‑T and NSX‑v, with focus on micro segmentation and distributed firewalling.
• Experience implementing and managing End‑point protection using Microsoft Intune.
• Experience…