IT: Senior IT & Cybersecurity Architect

Location: Cambridge, MA

Company: Nanobiosym

Nanobiosym is an award-winning company at the forefront of nanotechnology, physics, and biomedicine. Based in Cambridge, MA and founded by an MIT/Harvard alum, we are building next-generation tech solutions for healthcare.

We are looking for a Senior IT & Cybersecurity Architect to build out and upgrade end to end IT infrastructure—from secure networks and virtualized environments to cloud security and endpoint management. This is an on-site, hands-on role for someone who can design, implement, and proactively manage a highly secure, high-performance IT environment, while working closely with executive leadership to align technology with business goals.

• Design, implement, and manage secure, scalable networks (LAN/WAN, VLANs, VPNs, SD-WAN) and segmentation strategies.
• Deploy and maintain virtualization infrastructure (VMware, Citrix) and containerized environments (Docker, Kubernetes).
• Architect and manage Zero Trust and zero/thin client environments for secure endpoint access.
• Configure and manage firewalls, access controls, and monitoring systems to ensure 24/7 security and availability.
• Lead user and VM provisioning
  , device management, and endpoint security across Windows and Linux systems.
• Implement and oversee AWS cloud security
  , including IAM, VPCs, S3, and centralized logging.
• Conduct regular risk assessments, propose security improvements, and lead incident response when needed.
• Develop documentation (network diagrams, SOPs, access policies) and enforce compliance with standards (NIST, ISO 27001).
• Collaborate with leadership to define IT/security roadmaps, manage priorities, and communicate risks/tradeoffs.
• Evaluate and onboard vendors, tools, and services aligned with infrastructure needs.

• PhD or Master's degree in Computer Science, Information Security, Engineering, or a related field.
• 7+ years of hands-on experience in IT infrastructure, cybersecurity architecture, and systems engineering.
• Proven experience designing and managing virtualized environments (VMware, Citrix) and containerized systems (Docker, Kubernetes).
• Strong understanding of networking principles (TCP/IP, DNS, DHCP) and practical experience configuring firewalls, VLANs, VPNs, and SD-WAN
  .
• Hands-on expertise in implementing Zero Trust architecture
  , zero/thin client infrastructure
  , and securing air-gapped or segmented environments.
• Deep experience with user provisioning, identity and access management (IAM), and endpoint control across Windows and Linux systems.
• Proficiency in securing and operating AWS environments
  , including VPC design, IAM roles, encryption, and monitoring (Cloud Watch, Guard Duty).
• Familiarity with infrastructure automation tools such as Power Shell, Bash, Terraform, or Ansible.
• Experience with SIEM platforms, EDR tools
  , and log aggregation for detection and response (e.g. Splunk, Logz.io, Sentinel One, etc.).
• Solid grasp of cybersecurity frameworks and compliance standards such as NIST CSF, ISO 27001, HIPAA
  , and awareness of FDA-related frameworks (e.g. IEC 62304).
• Ability to work autonomously in a high-trust environment, define best practices, and build systems from the ground up
  .
• Excellent documentation and communication skills
  , with the ability to clearly articulate technical decisions, risk tradeoffs, and system architecture to non-technical leadership (CEO, legal, operations, etc.).
• DOD Compliance and Security Clearance preferred.

• Certifications:
  
  CISSP, CISM, CCNP, AWS Security Specialty
  , or similar.
• Familiarity with scripting/automation (e.g. Power Shell, Python, Terraform, Ansible).
• Experience working in regulated industries (biotech, pharma, healthcare).
• Knowledge of compliance frameworks:
  NIST CSF, ISO 27001, IEC 62304, HIPAA
  .
• Exposure to OT, IoT, or LIMS environments is a plus.