Security Architect (Data)

Come join our team At Unlimited Technology, we are committed to our company's core values of Passion, Collaboration, Innovation and Adaptability. With offices throughout the United States, we are a premier cyber and physical security specialty contractor, and we are growing at a rapid pace. We have a wide range of talented and experienced individuals that deliver cutting edge technology solutions to meet our customersu2019 ever-changing needs. We secure the facilities and networks of the worldu2019s leading brands and critical infrastructure and are recognized leaders in the physical and IT security, cyber, and managed services industries. UT offers a rewarding career, great benefits, and the chance to learn and work with ground-breaking technology and premier clients. Chief Security Architect (Data) Role Summary The Chief Security Architect (Data) onsite 5 days a week in Rochester, NY is the senior technical authority responsible for defining and governing the cybersecurity architecture for energy utility data, network, and grid-adjacent environments , including Advanced Metering Infrastructure (AMI), Distributed Energy Resources (DER), and private utility WANs. This role requires deep expertise in large-scale networking (switching, routing, WAN, transport) combined with cybersecurity architecture and risk assessment, with a strong understanding of IT/OT boundaries, grid modernization, and utility operational risk. The position plays a critical role in ensuring secure, resilient, and compliant architectures that support grid reliability, customer data protection, and regulatory expectations. Core Responsibilities Data and Networking Security Architecture + Define and maintain the enterprise security architecture for: + Utility data centers + Private utility WANs + AMI head-end and meter data management systems (MDMS) + DER and grid-edge integration platforms + Establish architectural standards that enforce: + IT/OT separation + Secure utility demarcation points + Controlled ingress/egress between enterprise, AMI, and operational zones AMI & DER Architecture Oversight + Lead security architecture reviews for: + AMI networks (RF mesh, cellular, fiber-backed aggregation) + AMI head-end systems and MDMS platforms + DER integrations (solar, storage, EV charging, microgrids) + Ensure secure integration of: + Third-party DER aggregators + Cloud-hosted AMI and analytics platforms + Define security controls to mitigate: + Lateral movement from AMI into enterprise or OT systems + Unauthorized DER command and control + Supply-chain and vendor access risks Networking, WAN & Transport Architecture + Provide hands-on architectural leadership for: + Datacenter switching and routing + Utility private WAN and carrier connectivity + Inter-data-center and regional transport networks + Design and review architecture leveraging: + Cisco Nexus (NX-OS, EVPN, VXLAN, ACI) + Nokia (SR OS, IP/MPLS, Service Routers) + Ciena (optical transport, DCI, coherent optics) + Embed security into: + BGP, OSPF, IS-IS, MPLS, EVPN + AMI backhaul and aggregation networks + Utility-owned and leased transport circuits Cybersecurity Architecture Reviews & Risk Analysis + Conduct formal cybersecurity architecture reviews for: + AMI expansions + DER onboarding initiatives + New private and cloud connectivity + Perform: + Threat modeling specific to utility attack scenarios + Attack-path and lateral movement analysis + Control effectiveness assessments + Identify architectural risks related to: + Improper zone termination + Inadequate segmentation + Over-trust of vendor-managed systems + Provide risk-based remediation guided by operational realities. Segmentation, Zero Trust & Monitoring + Define segmentation strategies aligned to utility environments: + Enterprise IT + AMI / Grid Edge + OT / Control Systems + Ensure security architectures support: + Zero Trust principles where applicable + Strong identity, authentication, and authorization + Define monitoring and visibility requirements for: + AMI traffic + DER command-and-control paths + Inter-zone communications + Ensure integration with: + SIEM + Network Detection & Response (NDR) + Flow telemetry (NetFlow, IPFIX) Regulatory & Stakeholder Engagement + Support compliance and audit activities related to: + Utility cybersecurity regulations and standards + Internal and external security assessments + Act as a technical liaison between: + IT security + OT engineering + Grid operations + Regulatory and compliance teams Leadership & Influence + Serve as the senior technical authority for cybersecurity architecture + Mentor senior architects and engineers across IT, OT, and network domains. + Influence technology strategy while remaining hands-on and technically credible. Required Qualifications Technical Experience + 10+ years in networking, infrastructure, and security architecture. + Deep hands-on expertise with: + Cisco Nexus (9K, NX-OS, EVPN, VXLAN) + Nokia service routing and IP/MPLS + Ciena optical and transport networking + Proven experience designing and securing: + Utility WANs + AMI backhaul and aggregation networks + Multi-site, high-availability architectures Utility & Cybersecurity Expertise + Demonstrated experience in energy utility environments . + Strong understanding of: + AMI architectures and data flows + DER integration risks + IT/OT separation principles + Experience performing: + Cybersecurity architecture reviews + Risk assessments for grid-connected systems Preferred Qualifications + Experience with: + Grid modernization initiatives + DERMS platforms + Cloud-hosted AMI or analytics systems + Certifications (preferred, not required): + CISSP, CCSP, GIAC + CCNP / CCIE + Nokia certifications Pay Range $150,000u2014$180,000 USD Benefits + Health, dental, and vision coverage + Life insurance + 401 (k) w/company match 100% up to 3% and an additional 50% match of 2% + Paid time off + 11 Paid Holidays _We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, sex, age, national origin, disability, Veteran status, or any other category protected by federal, state, or local laws._Integrated Security Technologies, Inc. does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Created: 2026-02-05