Cambridge, MA, USA | Other Location: Cambridge, MA Company: Nanobiosym Job Summary Nanobiosym is an award-winning company at the forefront of nanotechnology, physics, and biomedicine. Based in Cambridge, MA and founded by an MIT/Harvard alum, we are building next-generation tech solutions for healthcare. We are looking for a Senior IT & Cybersecurity Architect to build out and upgrade end to end IT infrastructure-from secure networks and virtualized environments to cloud security and endpoint management. This is an on-site, hands-on role for someone who can design, implement, and proactively manage a highly secure, high-performance IT environment, while working closely with executive leadership to align technology with business goals. Job Responsibilities + Design, implement, and manage secure, scalable networks (LAN/WAN, VLANs, VPNs, SD-WAN) and segmentation strategies. + Deploy and maintain virtualization infrastructure (VMware, Citrix) and containerized environments (Docker, Kubernetes). + Architect and manage Zero Trust and zero/thin client environments for secure endpoint access. + Configure and manage firewalls, access controls, and monitoring systems to ensure 24/7 security and availability. + Lead user and VM provisioning, device management, and endpoint security across Windows and Linux systems. + Implement and oversee AWS cloud security, including IAM, VPCs, S3, and centralized logging. + Conduct regular risk assessments, propose security improvements, and lead incident response when needed. + Develop documentation (network diagrams, SOPs, access policies) and enforce compliance with standards (NIST, ISO 27001). + Collaborate with leadership to define IT/security roadmaps, manage priorities, and communicate risks/tradeoffs. + Evaluate and onboard vendors, tools, and services aligned with infrastructure needs. Required Qualifications + PhD or Master's degree in Computer Science, Information Security, Engineering, or a related field. + 7+ years of hands-on experience in IT infrastructure, cybersecurity architecture, and systems engineering. + Proven experience designing and managing virtualized environments (VMware, Citrix) and containerized systems (Docker, Kubernetes). + Strong understanding of networking principles (TCP/IP, DNS, DHCP) and practical experience configuring firewalls, VLANs, VPNs, and SD-WAN. + Hands-on expertise in implementing Zero Trust architecture, zero/thin client infrastructure, and securing air-gapped or segmented environments. + Deep experience with user provisioning, identity and access management (IAM), and endpoint control across Windows and Linux systems. + Proficiency in securing and operating AWS environments, including VPC design, IAM roles, encryption, and monitoring (CloudWatch, GuardDuty). + Familiarity with infrastructure automation tools such as PowerShell, Bash, Terraform, or Ansible. + Experience with SIEM platforms, EDR tools, and log aggregation for detection and response (e.g. Splunk, Logz.io, SentinelOne, etc.). + Solid grasp of cybersecurity frameworks and compliance standards such as NIST CSF, ISO 27001, HIPAA, and awareness of FDA-related frameworks (e.g. IEC 62304). + Ability to work autonomously in a high-trust environment, define best practices, and build systems from the ground up. + Excellent documentation and communication skills, with the ability to clearly articulate technical decisions, risk tradeoffs, and system architecture to non-technical leadership (CEO, legal, operations, etc.). + DOD Compliance and Security Clearance preferred. Preferred Qualifications + Certifications: CISSP, CISM, CCNP, AWS Security Specialty, or similar. + Familiarity with scripting/automation (e.g. PowerShell, Python, Terraform, Ansible). + Experience working in regulated industries (biotech, pharma, healthcare). + Knowledge of compliance frameworks: NIST CSF, ISO 27001, IEC 62304, HIPAA. + Exposure to OT, IoT, or LIMS environments is a plus.