Security Architect (Data)

Come join our team! At Unlimited Technology, we are committed to our company's core values of Passion, Collaboration, Innovation and Adaptability. With offices throughout the United States, we are a premier cyber and physical security specialty contractor, and we are growing at a rapid pace. We have a wide range of talented and experienced individuals that deliver cutting edge technology solutions to meet our customers' ever-changing needs. We secure the facilities and networks of the world's leading brands and critical infrastructure and are recognized leaders in the physical and IT security, cyber, and managed services industries. UT offers a rewarding career, great benefits, and the chance to learn and work with ground-breaking technology and premier clients. Chief Security Architect (Data) Role Summary The Chief Security Architect (Data) onsite 5 days a week in Rochester, NY is the senior technical authority responsible for defining and governing the cybersecurity architecture for energy utility data, network, and grid-adjacent environments, including Advanced Metering Infrastructure (AMI), Distributed Energy Resources (DER), and private utility WANs. This role requires deep expertise in large-scale networking (switching, routing, WAN, transport) combined with cybersecurity architecture and risk assessment, with a strong understanding of IT/OT boundaries, grid modernization, and utility operational risk. The position plays a critical role in ensuring secure, resilient, and compliant architectures that support grid reliability, customer data protection, and regulatory expectations. Core ResponsibilitiesData and Networking Security Architecture Define and maintain the enterprise security architecture for: Utility data centers Private utility WANs AMI head-end and meter data management systems (MDMS) DER and grid-edge integration platforms Establish architectural standards that enforce: IT/OT separation Secure utility demarcation points Controlled ingress/egress between enterprise, AMI, and operational zones AMI & DER Architecture Oversight Lead security architecture reviews for: AMI networks (RF mesh, cellular, fiber-backed aggregation) AMI head-end systems and MDMS platforms DER integrations (solar, storage, EV charging, microgrids) Ensure secure integration of: Third-party DER aggregators Cloud-hosted AMI and analytics platforms Define security controls to mitigate: Lateral movement from AMI into enterprise or OT systems Unauthorized DER command and control Supply-chain and vendor access risks Networking, WAN & Transport Architecture Provide hands-on architectural leadership for: Datacenter switching and routing Utility private WAN and carrier connectivity Inter-data-center and regional transport networks Design and review architecture leveraging: Cisco Nexus (NX-OS, EVPN, VXLAN, ACI) Nokia (SR OS, IP/MPLS, Service Routers) Ciena (optical transport, DCI, coherent optics) Embed security into: BGP, OSPF, IS-IS, MPLS, EVPN AMI backhaul and aggregation networks Utility-owned and leased transport circuits Cybersecurity Architecture Reviews & Risk Analysis Conduct formal cybersecurity architecture reviews for: AMI expansions DER onboarding initiatives New private and cloud connectivity Perform: Threat modeling specific to utility attack scenarios Attack-path and lateral movement analysis Control effectiveness assessments Identify architectural risks related to: Improper zone termination Inadequate segmentation Over-trust of vendor-managed systems Provide risk-based remediation guided by operational realities. Segmentation, Zero Trust & Monitoring Define segmentation strategies aligned to utility environments: Enterprise IT AMI / Grid Edge OT / Control Systems Ensure security architectures support: Zero Trust principles where applicable Strong identity, authentication, and authorization Define monitoring and visibility requirements for: AMI traffic DER command-and-control paths Inter-zone communications Ensure integration with: SIEM Network Detection & Response (NDR) Flow telemetry (NetFlow, IPFIX) Regulatory & Stakeholder Engagement Support compliance and audit activities related to: Utility cybersecurity regulations and standards Internal and external security assessments Act as a technical liaison between: IT security OT engineering Grid operations Regulatory and compliance teams Leadership & Influence Serve as the senior technical authority for cybersecurity architecture Mentor senior architects and engineers across IT, OT, and network domains. Influence technology strategy while remaining hands-on and technically credible. Required QualificationsTechnical Experience 10+ years in networking, infrastructure, and security architecture. Deep hands-on expertise with: Cisco Nexus (9K, NX-OS, EVPN, VXLAN) Nokia service routing and IP/MPLS Ciena optical and transport networking Proven experience designing and securing: Utility WANs AMI backhaul and aggregation networks Multi-site, high-availability architectures Utility & Cybersecurity Expertise Demonstrated experience in energy utility environments. Strong understanding of: AMI architectures and data flows DER integration risks IT/OT separation principles Experience performing: Cybersecurity architecture reviews Risk assessments for grid-connected systems Preferred Qualifications Experience with: Grid modernization initiatives DERMS platforms Cloud-hosted AMI or analytics systems Certifications (preferred, not required): CISSP, CCSP, GIAC CCNP / CCIE Nokia certifications Pay Range $150,000-$180,000 USD Benefits Health, dental, and vision coverage Life insurance 401 (k) w/company match 100% up to 3% and an additional 50% match of 2% Paid time off 11 Paid Holidays We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, sex, age, national origin, disability, Veteran status, or any other category protected by federal, state, or local laws.

Created: 2026-03-04