Principal Architect - Network Security

We are so glad you are interested in joining Sutter Health!

Organization:

SHSO-Sutter Health System Office-Valley

Position Overview:

Provides strategic and technical leadership across Sutter Health’s enterprise technology ecosystem. This role defines, develops, and executes architecture strategies that drive scalability, performance, and innovation across infrastructure, data, and application domains. Ensures that technology decisions align with long-term enterprise objectives while maintaining focus on execution excellence, standardization, and integration.

Recognized as a subject matter expert and thought leader, leads strategic initiatives, oversees solution delivery at scale, and steers technology modernization efforts. The role also drives continuous innovation by evaluating emerging technologies, shaping architectural roadmaps, and ensuring solutions align with Sutter Health’s operational goals.

Job Description:

EDUCATION:
Equivalent experience will be accepted in lieu of the required degree or diploma.

• Bachelor's: Computer Science, Information Technology, or related field

TYPICAL EXPERIENCE:

• 12 years of recent experience.

PREFERRED EXPERIENCE:

• Next‑Gen Firewall architecture at enterprise scale, including standards/reference designs, lifecycle planning, migrations, and operational governance; strong hands-on depth with NGFW platforms and policy constructs.

• Network segmentation strategy and implementation, including VLAN/ACL analysis, designing default‑deny boundaries, reducing lateral movement, and moving critical segments behind head‑end/campus firewalls with a roadmap-driven approach and measurable outcomes.

• Network Access Control (NAC) program leadership, including solution evaluation/POCs, enterprise rollout planning, device posture checks, exception handling, and enforcement models across clinical/campus environments.

• VPN and secure remote connectivity architecture, including site‑to‑site VPN evaluation/design, remote admin access controls, and integration with segmentation policies and governance.

• Firewall policy lifecycle governance (rule hygiene, least privilege, recertification/audit evidence, risk-based exception handling), including producing artifacts like firewall zone diagrams, segmentation standards, and evidence-ready exports for assessments.

• Operational runbooks + incident/change integration for network security controls  and the ability to translate architecture into processes that engineers can execute consistently.

• Cloud network security integration (Azure) — understanding how network security patterns extend into cloud networking (e.g., WAF, gateway/load balancer patterns, VPN connectivity) and how Zero Trust network principles influence segmentation and access.

SKILLS AND KNOWLEDGE:

• Advanced knowledge in formulating state-of-the-art enterprise strategic architecture framework plans.

• Advanced knowledge in the engineering, implementation, operation, maintenance, and support of a wide range of server and storage platforms.

• Expert knowledge of visualization technologies.

• Ability to set priorities that accurately reflect the relative importance of job responsibilities and complete assignments in a timely manner.

• Strong analytical skills to identify patterns, tendencies, and relationships that inform logical conclusions.

• Proven ability to establish and maintain cooperative working relationships with stakeholders across all levels.

• Excellent verbal and written communication skills to convey complex technical information clearly to both technical and non-technical audiences.

• Skilled in developing documentation at both technical and user levels.

• Requires in-depth and/or breadth of expertise in own job family and broad knowledge of other job families within the service line.

• Anticipates business and regulatory issues; recommends process or service improvements.

• Leads projects with notable risk and complexity; develops the strategy for project execution.

• Solves unique problems with broad impact on the business; requires conceptual and innovative thinking to develop solutions.

• Impacts the direction and resource allocation for programs, projects, or services; works within general service line policies and industry guidelines.

• Communicates complex ideas, anticipates potential objections, and persuades others, often at senior levels, to adopt a different point of view.

These Principal Accountabilities, Requirements and Qualifications are not exhaustive but are merely the most descriptive of the current job. Management reserves the right to revise the job description or require that other tasks be performed when the circumstances of the job change (for example, emergencies, staff changes, workload, or technical development)

Job Shift:

Days

Schedule:

Full Time

Days of the Week:

Monday - Friday

Weekend Requirements:

As Needed

Benefits:

Yes

Unions:

No

Position Status:

Exempt

Weekly Hours:

40

Employee Status:

Regular

Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

Pay Range is $161,616.00 to $258,585.60 / annual salary

The compensation range may vary based on the geographic location where the position is filled. Total compensation considers multiple factors, including, but not limited to a candidate’s experience, education, skills, licensure, certifications, departmental equity, training, and organizational needs. Base pay is only one component of Sutter Health’s comprehensive total rewards program. Eligible positions also include a comprehensive benefits package.