About the role As a Security Architect, you will make an impact by designing, securing, and evolving enterprise-grade network and cloud security platforms that enable secure access, regulatory compliance, and scalable governance across the organization. You will be a valued member of the Cybersecurity Architecture & Engineering team and work closely with security operations, cloud, network, and application stakeholders to modernize security capabilities while maintaining strong operational resilience. This role blends hands-on engineering, architectural design, and technical leadership, with a focus on firewall platforms, identity, cloud security, SIEM, endpoint protection, and vulnerability management. In this role, you will: Architect, implement, and operate network and cloud security controls, including next-generation firewalls, VPN, WAF, IDS/IPS, segmentation, and Zero Trust access. Lead Palo Alto firewall environments across on-prem and Azure, including policy design, lifecycle management, optimization, and threat prevention capabilities. Design and manage secure remote access solutions (GlobalProtect / Prisma Access), enforcing Zero Trust and strong authentication controls. Oversee Cisco ISE services for identity, AAA, RBAC, and directory/SSO integrations, ensuring strong access governance and auditability. Direct the administration and tuning of Web Application Firewalls (WAF) to protect applications from Layer-7 threats, bots, and abuse. Implement and manage Microsoft Entra ID, including SSO onboarding, MFA, risk-based authentication, and federation protocols (SAML, OAuth2, OIDC). Lead a centralized vulnerability management program using CrowdStrike, prioritizing remediation based on risk, exploitability, and business impact. Oversee SIEM and endpoint security operations using CrowdStrike NGSIEM and Falcon, ensuring effective detection, response, and SOAR execution. Own major incident response for network and cloud security services, including escalation, stakeholder communication, RCA, and corrective actions. Ensure security change governance, compliance readiness, and audit support through evidence collection, recertification, and control attestations. Drive continuous improvement and automation, including policy optimization, observability, runbooks, and infrastructure-as-code practices. What you need to have to be considered Extensive experience in network and cloud security architecture and operations, including firewalls, VPN, WAF, IDS/IPS, proxy, and segmentation. Hands-on expertise with Palo Alto Networks platforms (NGFW, Panorama/Strata Cloud Manager, WildFire, Threat Prevention, URL Filtering, GlobalProtect). Strong experience with identity and access management, including Microsoft Entra ID, MFA, SSO, RBAC, and federation protocols. Proven capability in security incident and vulnerability management, including triage, remediation tracking, and root cause analysis. Solid understanding of security frameworks and standards, such as ISO 27001/27002, NIST CSF / 800-53, and CIS Controls. Experience working within security governance, risk, and compliance programs, including audits and policy enforcement. Ability to lead complex technical initiatives while communicating effectively with technical teams and executive stakeholders. Strong operational mindset with experience aligning security services to ITSM, change management, and SLA/SLO commitments. These will help you stand out Experience with CrowdStrike Falcon and NGSIEM, including SOAR integrations and SIEM health management. Exposure to Zero Trust, ZTNA, and SASE architectures. Hands-on experience driving automation and security modernization using IaC, CI/CD, or policy-as-code. Relevant security certifications such as PCNSE, CCNP/CCIE Security, CISSP, or CISM. Background leading or mentoring teams through security transformation or large-scale platform upgrades. Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.