Senior Cloud Security Architect

idexcel

US · flexible Full-time Senior 1mo ago

About the role

About

As a Senior Cloud Security Architect, you will lead the strategic vision for protecting our multi-cloud ecosystem. You are responsible for designing the security blueprints that govern our entire digital footprint—from identity perimeters to AI-driven threat detection. This role requires a "Security as Code" mindset, where you build automated guardrails that empower developers to move at speed without compromising the safety of our data or infrastructure.

Key Responsibilities

Security Architecture Vision

  • Lead the design of a global Zero Trust architecture
  • Ensure robust Identity Governance (IAM)
  • Implement Network Micro-Segmentation
  • Manage Data Encryption
  • Work across AWS, Azure, or GCP

AI-Native Security Strategy

  • Architect specialized security frameworks for AI/ML pipelines
  • Focus on:
    • Data Privacy for training sets
    • Model Integrity
    • Securing LLM-integrated applications
    • Protection against emerging attack vectors

Automated Guardrails (Policy as Code)

  • Develop and enforce enterprise-wide security policies using:
    • Terraform
    • Policy as Code
  • Ensure non-compliant infrastructure is automatically remediated or blocked from deployment

Cloud Posture Management

  • Design and oversee integration of:
    • CNAPP
    • CSPM
  • Provide real-time visibility into:
    • Misconfigurations
    • Vulnerabilities
    • Excessive permissions

Threat Modeling & Resilience

  • Conduct deep-dive threat modeling for complex cloud-native systems
  • Simulate:
    • Advanced Persistent Threats (APTs)
    • Blast Radius Scenarios
  • Strengthen overall system resilience

Security Consultancy

  • Act as the lead security advisor for the Cloud Architecture team
  • Bridge the gap between:
    • DevOps Agility
    • Regulatory Compliance (SOC2)

Technical Qualifications

Security Platforms

  • Required Skills
    • Mastery of cloud-native security suites:
      • AWS Security Hub
      • Azure Defender
      • GCP Security Command Center

Identity & Access

  • Required Skills
    • Expert knowledge of:
      • Identity-First Security
      • CIEM
      • Just-In-Time (JIT) Access
      • Complex OIDC/SAML Flows

Automation

  • Required Skills
    • Proficiency in:
      • Python
      • Go
      • Bash
    • Build custom security automations
    • Integrate with SOAR Platforms

DevSecOps

  • Required Skills
    • Deep experience embedding automated security testing:
      • SAST
      • DAST
      • SCA
    • Integrate directly into CI/CD Pipelines

Cloud Networking

  • Required Skills
    • Advanced understanding of secure connectivity:
      • SD-WAN
      • Cloud WAF
      • Zero Trust Network Access (ZTNA)

Preferred Experience

  • Experience
    • 12+ years in Cybersecurity
    • At least 6 years focused on architecting secure cloud environments at scale
  • Certifications
    • Top-tier credentials
  • Education
    • Advanced degree in:
      • Computer Science
      • Cybersecurity
      • Related engineering field preferred
    • BS degree from an accredited College/University in the applicable field of services is required, or four additional years of relevant experience in lieu of a college degree.
    • If the individual's degree is not in the applicable field, then four additional years of related experience are required.
  • Soft Skills
    • Strong ability to bridge the gap between:
      • "Speed of DevOps"
      • "Rigors of Security"
    • Excellent communication with executive leadership
  • Leadership
    • Proven ability to influence technical roadmaps
    • Present security risks clearly to C-suite stakeholders

Core Objectives

Zero Standing Privilege

  • Help transition the organization to a:
    • "Zero Standing Privilege" model
  • Apply across all production environments

Automated Compliance

  • Help achieve automated auditing for core compliance frameworks:
    • NIST
    • CIS Benchmarks

Mean Time to Detect (MTTD)

  • Utilize AI-driven monitoring
  • Reduce detection time for anomalous cloud activity to a minimum

Skills

AWS Security Hub, Azure Defender, Bash, CIEM, CNAPP, CSPM, Cloud WAF, DAST, GCP Security Command Center, Go, IAM, NIST, OIDC, Python, SAML, SAST, SD-WAN, SOAR, SOC2, Terraform, Zero Trust Network Access (ZTNA)
