Haystack
← Back to Jobs
Other

AWS Network Architect

Arnex Solutions LLCChicago, IL🇺🇸United StatesPosted 13 Jul 2026

Quick Overview

Work Type
On Site
Level
Mid Senior

Job Description

AWS Network Architect 
Chicago IL - 3 days Onsite 
 
Overview:
We are seeking an External Perimeter Security Architect for our client on a contract basis. You will lead a security architecture engagement focused on redesigning the external perimeter for both cloud and on-premises environments with the goal of reducing real risk exposure and deliver structured, milestone-based remediation plans that drive informed decisions.
 
Responsibilities:
Perimeter & Network Security Architecture
Assess, redesign, and reengineer the existing external perimeter. Deliver a feasibility assessment with a phased remediation roadmap, documented in Confluence.
Conduct a connection-by-connection assessment of high-risk network paths, document replacement options, and break findings into milestone-based remediation phases.
Extend architecture controls across on-premise and hybrid cloud environments, ensuring operationally effective security controls that minimize friction for the business.
 
AWS Security Hardening
Design and implement SCPs, Resource Policies, and VPC Endpoints to enforce isolation
Harden IAM controls and access patterns through guardrails
Configure data flow controls and encryption in transit/at rest
Work across multiple AWS accounts with an ability to prioritize and scale remediation
Embed AI-augmented tooling into architecture review workflows
 
 
CI/CD & Infrastructure-as-Code Security
Evaluate and harden CI/CD pipeline architecture and IaC configurations
Ongoing Architecture Review
Maintain correctness throughout the change lifecycle
Establish segmentation and zero-trust enclaves to contain blast radius
Map findings to TTPs to support early detection before remediation is complete
Identify and prioritize key operational risks surfaced during the engagement
 
Qualifications:
Required Qualifications:
Deep knowledge of traditional network security and SD-WAN
Zero trust architecture
AWS security configuration and best practices across cloud-native services (Control Tower, Security Hub, Config, Guardduty)
Cloud networking, integration patterns, and cross-account security management
Data encryption — at rest and in flight
 
 
Preferred Qualifications:
Privileged Access Management fundamentals
CI/CD pipeline security using third-party tools (Ansible, Jenkins, or similar)
Hands-on experience with AI coding agents (e.g., Claude Code, OpenAI Codex, Gemini CLI) — professional or personal

Skills

AWS
Encryption
Ansible
Confluence
Jenkins
REST
Zero Trust

Similar jobs