Senior Cloud Architect

Primary Responsibilities:

• Design and implement enterprise-class security architectures/systems for production or production equivalent environments (hybrid cloud).
• Collaborate with engineers and architects to create a unified strategy for AWS cloud security and governance, including identity access management (IAM), infrastructure and data protection and recovery, cloud networking, and application development and hosting
• Prepare cloud security guidance, standards, requirements, design, and ensure that the end product is aligned to the cloud strategy and overall enterprise architecture standards, including data integration points with on-premise infrastructure
• Consult with network engineers to design and implement robust security groups, account peering, and transit gateway configurations
• Lead security posture assessments for customers and provide recommendations to improve the overall security posture.
• Be the evangelist of cloud security and influence engineers and leaders to adhere to the architectural framework and principles
• Collaborate with the security compliance team to develop effective and audit-able security controls that adhere to security frameworks and agile practices.
• Facilitate the understanding of the end-to-end security strategy and architecture with a focus on cloud-native architectures.
• Ensure compliance with laws, regulations, and industry standards, and compliance programs (e.g. SOC2, PCI, ISO 27001, NIST 800-X)

Skills/Requirements

Required Knowledge, Skills and Experience:

• 10+ years of experience in systems engineering support of AWS infrastructure, with 5-7 years focusing on AWS security architecture design and implementation
• Experience building security reference architecture for all-in cloud deployments and hybrid scenarios
• Proven experience in IT security, compliance and risk management, privacy controls, and security reference architectures for fully cloud and/or hybrid deployments
• Expert in AWS security skills including Identity access management (IAM), Infrastructure Protection, Data Protection, Security Logging and Monitoring, and Cloud Networking
• Implementation experience with enterprise security solutions such as WAF, IPS, anti-DDOS, and SIEM supporting cloud environments
• Hands-on experience supporting CI/CD pipelines in a cloud hosting and development environment, especially with Jenkins, GitHub, and Jira technologies
• Experience designing and implementing security solutions for container environments, specifically with Kubernetes and Docker
• Technical expertise in Cloud Computing technologies, scripting languages (JSON, Python, RoR, etc), integrating 3rd party monitoring tools, encryption tools and best practices, and forensics
• Experience building enterprise security strategy for cloud adoption or driving the programs evolution to meet new requirements
• Expert knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies, and security attack pathologies
• Hands-on technical expertise in building security capabilities in code and deploying infrastructure in code
• Hands-on technical expertise in security architecture, technology automation, implementation, integration, and/or deployment
• Experience with zero-trust/least privilege models
• Ability to apply security from an end-to-end view on the across code, data, connectivity, encryption, access, etc.
• Knowledge of ISO 27001/27002 frameworks.
• Knowledge of third-party auditing and cloud risk assessment methodologies
• Bachelor s degree in a technology or business-related field (BSc or BBA preferred)
• Strong verbal and written communications skills and ability to lead effectively across organizations. Computer Science or Math background preferred
• AWS Security Specialty Certification

Preferred Knowledge, Skills and Experience:

• Certification such as SANS GIAC, CISA, or CISSP preferred
• Strong technical documentation skills

Role: