Network Security Architect – Detection & Protection

Who We Are

Applied Materials is a global leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. We design, build and service cutting-edge equipment that helps our customers manufacture display and semiconductor chips – the brains of devices we use every day. As the foundation of the global electronics industry, Applied enables the exciting technologies that literally connect our world – like AI and IoT. If you want to push the boundaries of materials science and engineering to create next generation technology, join us to deliver material innovation that changes the world.

What We Offer

You’ll benefit from a supportive work culture that encourages you to learn, develop, and grow your career as you take on challenges and drive innovative solutions for our customers. We empower our team to push the boundaries of what is possible—while learning every day in a supportive leading global company. Visit our Careers website to learn more.

At Applied Materials, we care about the health and wellbeing of our employees. We’re committed to providing programs and support that encourage personal and professional growth and care for you at work, at home, or wherever you may go. Learn more about our benefits.

We are seeking a Network Security Architect to lead the design, deployment, and optimization of advanced network detection and protection capabilities across our enterprise. This individual will play a key role in enabling threat-informed defense strategies and ensuring malicious activity is detected and mitigated before it can cause impact.

This is a hands-on, strategic role—ideal for a seasoned security architect with deep expertise in network-layer defenses, strong architectural thinking, and experience contributing to complex investigations and incident response efforts.

You’ll lead efforts to identify where and how we collect network telemetry to support threat detection and architect smart, effective defenses across our hybrid environment. This includes recommending the placement and configuration of technologies such as NDR sensors, SWG, SSE, API gateways, and NGFWs—based on risk, threat modeling, and telemetry value.

You’ll also play a key role in supporting threat hunting efforts, particularly at the network layer—leveraging flow analysis and telemetry insights to identify potential gaps or attacker behavior.

Key Responsibilities

• Serve as the network detection strategy lead—identifying where and how we collect network telemetry to support threat detection.
• Ensure telemetry is strategically collected to support detection, investigation, and threat hunting across cloud and on-prem environments.
• Architect and optimize network security threat detection technologies, including:
• NDR and NGFWs
• SWG and/or SSE
• API gateways
• DDoS protection platforms
• WAF and RASP solutions
• Serve as the technical lead and escalation point for network detection and protection engineering.
• Develop and maintain detection logic informed by MITRE ATT&CK and current adversary tactics.
• Partner with CTI and purple teams to simulate and detect real-world attack techniques and validate the effectiveness of the network detection and protection toolset.
• Collaborate with the SOC to optimize telemetry from network and enterprise services for threat detection (e.g., SIEM, NDR, proxy/firewall logging).
• Support Tier 3 incident response, especially for network-centric attacks or evasive techniques.
• Conduct assessments, audits, and configuration reviews of network security platforms.
• Lead or guide cross-functional security projects aimed at enhancing enterprise detection maturity.

Required Qualifications

• Bachelor’s degree in Cybersecurity or a related field.
• 7+ years of experience in security engineering with strong expertise in network detection and protection.
• At least one of the following (or similar) certifications: CCNA, PCNSA, GCIA, GCTI, OSCP, Security+, CISSP
• Proven experience architecting secure network defenses for large, complex organizations.
• Strong understanding of MITRE ATT&CK, adversary behaviors, and detection engineering principles.
• Experience tuning and optimizing SIEM, NDR, NGFWs, or security analytics platforms.
• Hand-on experience with NDR, NGFWs, SWG/SSE, Netflow & packet analysis, threat hunting, and log correlation techniques (L3–L7).
• Familiarity with DDoS protection platforms (e.g., Azure, AWS, or Google native services).
• Demonstrated ability to lead technical investigations and collaborate across disciplines.

Preferred Qualifications

• At least two of the following (or similar) certifications: CCNA, PCNSA, GCIA, GCTI, OSCP, Security+, CISSP
• Experience with WAF, API Gateways, and DDos protection platforms
• Familiarity with NIST CSF and CIS Controls.
• Experience working in or supporting security for manufacturing or industrial organization

Additional Information

Time Type: Full time

Employee Type: Assignee / Regular

Travel: Yes, 10% of the Time

Relocation Eligible: Yes

Applied Materials is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.

Applicant Privacy Policy