Cloud Security Architect

Responsibilities:

• Security Architecture Design:
• Assess customers' existing security and network architectures in on-premise environments.
• Design secure, scalable, and cost-effective AWS cloud solutions aligned with industry best practices and regulatory requirements.
• Develop detailed security architecture diagrams, documentation, and migration plans.
• Recommend and implement security enhancements and transformations, such as moving to VM-series firewalls and SD-WAN.
• Cloud Security Implementation:
• Configure and deploy AWS security services (e.g., IAM, Security Hub, GuardDuty, CloudTrail, VPCs, Security Groups, NACLs) to protect workloads in the cloud.
• Implement and manage security infrastructure, including firewalls, intrusion detection/prevention systems, and web application firewalls (WAFs).
• Automate security configuration and deployment using Infrastructure as Code (IaC) tools like CloudFormation or Terraform.
• Security Transformation:
• Lead the transformation of customers' security posture from traditional models to modern, cloud-centric approaches.
• Provide expertise in migrating from port-based firewalls to advanced VM-series firewalls and implementing SD-WAN technologies.
• Design and implement network segmentation strategies to isolate workloads and minimize the attack surface.
• Risk Management and Compliance:
• Conduct risk assessments and vulnerability analyses to identify security gaps in the cloud environment.
• Develop and implement security policies, standards, and procedures to ensure compliance with industry regulations (e.g., HIPAA, PCI DSS, GDPR).
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in security architecture, with a focus on cloud security and AWS.
• Strong understanding of network and security architectures in on-premise environments.
• Deep expertise in AWS security services and best practices.
• Experience designing and implementing security solutions for cloud migration projects.
• Knowledge of security frameworks and standards (e.g., NIST, CIS, ISO 27001).
• Familiarity with security tools and technologies, such as firewalls, intrusion detection systems, and SIEM solutions.
• Experience with Infrastructure as Code (IaC) and automation tools (e.g., CloudFormation, Terraform).
• Excellent communication, collaboration, and problem-solving skills.
• AWS Certified Security Specialty or equivalent certification is highly preferred.
• Experience migrating from traditional firewalls to VM-series firewalls and implementing SD-WAN solutions.
• Experience with cloud security automation tools.
• Experience working with enterprise customers.

Preferred candidate profile