Cloud Security Architect

City/State:

Grant Funded:

Department:

Work Shift:

Work Days:

Scheduled Hours:

Scheduled Daily Hours:

Pay Range:

In office 4-6 times a year, or as needed.

Key Responsibilities:

• Design, develop, and implement secure, resilient cloud architecture, aligning with business objectives and regulatory standards.
• Lead the development of blueprints, design patterns, and reusable architecture frameworks for secure cloud deployments.
• Establish and enforce best practices for securing cloud environments, including network segmentation, data encryption, and identity access management, specifically tailored for cloud services.
• Develop governance policies and guardrails for cloud usage across business units, ensuring consistent application of security controls.
• Identify, assess, and prioritize cloud security risks, implementing appropriate mitigation strategies.
• Integrate security monitoring, logging, and alerting with existing SIEM to proactively manage threats.
• Design least-privilege IAM roles, fine-grained access policies, security groups, that integrate with existing privileged access management and multi-factor authentication mechanisms.
• Integrate identity federation and single sign-on (SSO) solutions with enterprise IAM solutions.
• Architect encryption strategies for data at rest, data in transit, and data in use that integrate with the enterprise HSM.
• Develop and enforce data protection policies, ensuring sensitive data is managed securely and complies with relevant data protection regulations.
• Develop security automation practices using Infrastructure as Code (IaC) tools.
• Design and oversee the implementation of comprehensive cloud native cybersecurity solutions that protect the organization's critical assets.
• Ensure that the company cloud architecture complies with relevant laws, regulations, and industry standards (e.g., HIPAA, HITECH, NYSDOH 405.46, HITRUST, etc.).
• Engage with external stakeholders, including vendors, partners, and regulators, to ensure the organization's cloud cybersecurity posture is robust and aligned with industry standards.
• Lead cross-functional teams in the design and implementation of cloud native security solutions, ensuring collaboration and alignment across the organization.
• Lead the continuous improvement of the organization's cloud cybersecurity architecture, ensuring it evolves to address new threats and challenges.
• Stay informed of the latest developments in cybersecurity, participating in professional networks and continuing education opportunities.

Required Skills and Knowledge:

This position requires advanced skills in Terraform, Python, AWS Security Services, SCP/IAM Policy - JSON, CNAPP Tooling, AWS Config/Conformance Packs.

• Deep understanding of cloud-based cybersecurity principles, including encryption, authentication, access control, and network security.
• Extensive experience in designing and implementing cybersecurity architectures for complex, enterprise cloud environments.
• Familiarity with common enterprise architecture frameworks including SABSA, OESA, TOGAF and similar.
• Expertise in cloud security, identity and access management (IAM), and security information and event management (SIEM) systems.
• Ability to translate research findings into practical solutions that address real-world security challenges.
• Strong strategic thinking skills, with the ability to develop and execute long-term cybersecurity plans.
• Ability to lead large-scale cybersecurity initiatives and projects, ensuring alignment with organizational goals.
• Excellent communication skills, with the ability to present complex technical information to both technical and non-technical audiences.
• Strong interpersonal skills, with the ability to build relationships and influence stakeholders at all levels of the organization.
• Experience in collaborating with cross-functional teams, including IT, legal, compliance, and business units.

Required Experience:

• Experience: 10+ years of experience in cybersecurity, with a focus on solution design, architecture, and leadership.
• Experience in Leadership: Extensive experience leading cybersecurity teams and initiatives at a senior level.
• Experience in Solution Architecture: Hands-on experience designing and implementing cybersecurity solutions in large, complex organizations.

Education:

• Master's degree or equivalent experience in Cybersecurity, Computer Science, Information Security, or a related field.

Certifications (Preferred but not required):

• AWS Certified Solutions Architect (Professional)
• AWS Certified Security
• AWS Certified AI Practitioner
• Microsoft Certified Cybersecurity Architect Expert
• EC-Council's Certified Network Defense Architect (CNDA)
• GIAC Defensible Security Architecture (GDSA)
• ISC2's CISSP - ISSAP (Information Systems Security Architecture Professional)

Personal Attributes:

• Visionary Leadership: Ability to inspire and lead teams towards a shared vision of cybersecurity excellence.
• Curiosity and Innovation: A natural inclination to explore new technologies and push the boundaries of what is possible in cybersecurity.
• Integrity and Ethics: Commitment to ethical behavior and adherence to the highest standards of professional conduct.
• Resilience and Adaptability: Ability to navigate and lead in a fast-paced, ever-changing cybersecurity landscape.
• Strategic Thinking: Ability to see the big picture and develop long-term strategies that align with organizational goals.

This position requires advanced skills in Terraform, Python, AWS Security Services, SCP/IAM Policy - JSON, CNAPP Tooling, AWS Config/Conformance Packs.

#SF-DICE

#SF-LI-SC