Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water. For additional information, please visit the company website at www.neptunetg.com.

Technical Architecture (Cyber Security, IT & Cloud):
• Design and document secure system architectures for enterprise systems, ensuring scalability, reliability, and security, including technical documentation such as system diagrams, data flow charts, integration specifications, and security architecture patterns
• Evaluate and recommend technology platforms, frameworks, tools, and cloud security solutions that align with organizational standards and industry best practices
• Design and support implementation of security controls, frameworks (NIST, ISO 27001), and secure communication protocols that integrate seamlessly with business processes and technology platforms
• Design and implement secure cloud architectures across public, private, and hybrid environments, including cloud security frameworks, migration strategies, and native security services
• Participate in security architecture reviews and provide recommendations for improving security posture across technology solutions
• Collaborate with cloud infrastructure teams to ensure security controls are embedded throughout cloud service deployments
• Evaluate cloud security tools and platforms for threat detection, compliance monitoring, and incident response capabilities

Zero Trust Architecture (ZTNA):
•Contribute to the design and implementation of Zero Trust security models across Neptune's technology ecosystem
•Develop identity and access management strategies that follow Zero Trust principles of "never trust, always verify"
•Design micro segmentation strategies for network and application environments
•Support the evaluation and implementation of Zero Trust technologies including identity providers, access controls, and monitoring tools
• Partner with IT & CloudOps teams to design secure network topologies for both on-premises and cloud environments supporting water utility operations
• Develop network segmentation strategies that enhance security while maintaining operational efficiency
• Collaborate with infrastructure teams to ensure network designs support business continuity and disaster recovery requirements

Product Security Architecture:
• Integrate security controls into hardware, software, and firmware development lifecycles for water metering and data collection products
• Conduct threat modeling and security risk assessments for product designs and implementations
• Work with product teams to ensure security is considered from conception through deployment and maintenance
• Develop security testing strategies and participate in security validation activities (Pentests)

AI Architecture:
• Support the secure design and secure implementation of AI and machine learning solutions to ensure integral adherence to security and privacy control requirements
• Evaluate AI platforms and frameworks for security, scalability, and compliance with data protection regulations
• Partner with GRC to develop governance frameworks for AI implementations including data handling, model security, and ethical considerations
• Stay current with AI security trends and emerging threats in machine learning environments

Identity Architecture:
• Design and implement identity provider (IDP) solutions and identity management architectures that support enterprise authentication and authorization requirements
• Develop identity federation strategies that enable secure access across multiple systems and applications
• Support the implementation of modern identity protocols including SAML, OAuth 2.0, OpenID Connect, and SCIM
• Design identity lifecycle management processes including user provisioning, de-provisioning, and access governance
• Architect password and credential management solutions including password less authentication, multi-factor authentication (MFA), and privileged access management (PAM)
• Design secure credential storage, rotation, and distribution mechanisms for both human and service accounts
• Evaluate and recommend identity management platforms and tools that integrate with existing technology infrastructure

Education:
• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Data Analytics, or related technical field
• Master of Science degree and/or MBA required
• Ph.D or D.Eng desired
• Relevant certifications are a plus (e.g., Security+, Network+, Cloud+, CISSP Associate, AWS/Azure foundational certifications)

Experience:
• 2+ years of experience in IT systems, cybersecurity, software development, risk, or analytics roles
• Demonstrated experience with system design, network technologies, or security implementations
• Experience with cloud platforms (AWS, Azure) and modern development frameworks preferred
• Familiarity with security frameworks such as NIST, ISO 27001, or industry-specific compliance requirements

Knowledge & Expertise:
• Technical Foundations: Strong understanding of system architecture principles, network protocols, and security fundamentals
• Security Frameworks: Working knowledge of cybersecurity principles, risk management, and security control frameworks
• Cloud & Modern Technologies: Familiarity with cloud architecture patterns, API security, containerization, and DevSecOps practices
• Emerging Technologies: Basic understanding of AI/ML concepts, IoT security, and modern software development practices

Skills:
• Analytical & Problem-Solving: Strong analytical skills with ability to assess complex technical challenges and propose effective solutions
• Communication & Collaboration: Excellent written and verbal communication skills with ability to explain technical concepts to diverse audiences
• Technical Documentation: Proficiency in creating technical documentation, architectural diagrams, and system specifications
• Continuous Learning: Demonstrated commitment to staying current with technology trends and professional development
• Tools & Platforms: Proficiency with architectural design tools, security assessment tools, cloud platforms, and Microsoft Office Suite

Travel Requirements: Typically requires overnight travel less than 10% of the time.

Equal Opportunity Employer EEO/AA M/F/Vet Disability

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.