Senior Cloud Security Architect

Job Description:

• Acts as a Cloud Security Subject Matter Expert for the client’s Infosec department. Identifies opportunities to reduce cloud security risk for the client, provides solutions, and leads implementations.
• Creates design artifacts to enable members of the Cloud Security team to implement solutions built in-house or purchased from vendors.
• Partners with product teams to design secure network and serverless architectures.
• Provides strong IAM policy guidance for least privileged access to product teams.
• Reviews cloud architecture and AI/ML workflows to advise development teams on secure design principles and identify issues prior to deployment of systems or features.
• Interfaces with public cloud providers to improve the security feature set of their products.
• Interfaces with cloud security vendors to evaluate features and determine proof-of-value.
• Mentors junior members of the team.
• Creates and maintains documentation related to cloud security designs, configurations, processes, standards, and recommendations.
• Collaborates with senior management and department leaders to assess near- and long-term cloud security needs.
• Stays current with the latest cloud threat mitigation tools and techniques.

Requirement/Must Have:

• Experience designing and implementing systems that support multiple users.
• At least 2 years of experience in design, implementation, and maintenance of systems used by users.
• Ability to evaluate technical documentation and diagrams for cloud environments and identify security issues in those designs.
• At least 2 years of experience in security architectural reviews and ability to create design artifacts, including infrastructure diagrams.
• Ability to review technical configuration and identify mitigating controls for security-related misconfigurations.
• At least 2 years of experience managing exception requests.

Experience:

• Experience with securing and building Azure cloud environments.
• Proficiency in at least one scripting language such as Python, Node.js, or Golang. Core understanding of IP networking, routing, and VPNs.

Should Have:

• Hands-on experience in security administration in Azure.
• Experience in developing and securing serverless applications.
• Familiarity with infrastructure as code tools such as Terraform, CloudFormation, and Ansible.
• Command line experience with Bash, PowerShell, or AWS-CLI.
• Knowledge of Docker and Kubernetes. Experience with cloud network engineering.
• Familiarity with cloud-native security tools such as Azure Defender for Cloud, AWS Guard Duty, GCP Security Center, and WAF.
• Experience with GitHub Security.

Skills:

• Strong understanding of cloud-based infrastructure components with specific knowledge of security risks in decentralized and hybrid environments.
• Broad understanding of information security and compliance risk as they apply to public cloud.
• Ability to automate processes end-to-end and collaborate with engineering and product teams to integrate security into existing processes.
• Excellent verbal and written communication skills with strong attention to detail.
• Ability to remain productive while rapidly switching context.
• Driven to stay current with evolving threat landscapes.

Qualification And Education:

• Bachelor’s degree in Computer Science, Information Security, or related field.
• Azure Certifications such as Azure Fundamentals or Solutions Architect.
• Preferred certifications include AWS Solutions Architect, AWS Security Specialty, GCP Associate Cloud Engineer, GCP Professional Security Engineer, CISSP, and CompTIA Security+.
• Previous experience with Wiz, Client, Brinqa, and integrations with Slack and Jira is an advantage