Cloud Security Architect

The security and cloud architect provides expert guidance for addressing current security issues but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. A senior-level role, the architect possesses strong communication and organizational skills, and the ability to guide less experienced coworkers. The architect provides technical leadership to delivery and solution design team members.

The cloud security architect role is responsible for architecting, implementing, and advising a secure cloud infrastructure supporting business needs. The position will architect secure infrastructure and applications that align with business and cybersecurity strategy to support a fast-paced environment. Architects in this role will support the progressive needs of the business and provide timely, secure and cost-efficient solutions that elevate the company’s cloud security posture. An advanced role, the cloud architect will deliver resilient applications at scale to support business initiatives. Cloud security architects possess advanced administration and troubleshooting skills, along with knowledge to support architecture, engineering, and design principles. Architects shall be proficient with disparate applications and data systems to maintain a high level of security rigor.

The role requires deep technical knowledge of cloud computing architecture, security principles and cybersecurity best practices. A cloud security architect is highly technical and proficient in cybersecurity and systems administration across a wide variety of infrastructure types (SaaS, IaaS, PaaS). Additionally, demonstrated experience with AWS, Microsoft Azure, Oracle, Google Cloud and other cloud solutions is a requirement. The ability to automate, provision and manage cloud resources across multiple environments with infrastructure as code (IaC) principles is required. Architects are expected to be analytical and possess a strong work ethic and the critical thinking skills needed to manage complex systems and applications. Successful candidates in this role are adept at working with business units and have good listening and communication skills. In tandem with security leadership, cloud architects will consistently assess the threat landscape and adapt quickly to protect the business from risk. The architect will report to cloud security leadership and have strong working relationships with IT and application development leadership.

Essential Functions:

• Architect, design and implement scalable, resilient solutions in public, private and hybrid clouds.
• Support cloud security architecture for SaaS, PaaS and IaaS.
• Recommend and advise on strategies and best practices for cybersecurity and a flexible architecture.
• Design security for monitoring, logging, IAM, encryption, data protection, detection and preventive controls.
• Work in tandem with team leads and subject matter experts to validate configurations are aligned, adopted and implemented.
• Liaison with cybersecurity teammates to investigate security incidents and breaches.
• Orchestrate scalable, resilient, and efficient containerized microservices.
• Integrate and automate secure continuous integration/continuous delivery build configurations for development pipelines.
• Proactively analyze, identify and resolve performance bottlenecks.
• Assist with strategy, implementation and recovery point/time objective for business continuity and disaster recovery.
• Recommend and implement cloud security tools and controls.
• Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM).
• Stay up to date with cybersecurity threats, risks and vulnerabilities with potential impact to services.
• Form relationships with colleagues in operations, software development and risk management.
• Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
• Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud
• infrastructure and applications.
• Attend project and implementation meetings and advise secure application and infrastructure configurations.
• Develop, maintain and enforce cloud security policies and procedures, as well as best practices for following standards such as FedRAMP, Cloud Security Alliance, SOC 1/2/3, CIS and NIST SP 800 series.
• Communicate the state of cloud security posture to cybersecurity leaders, stakeholders, IT and developers.
• Participate in cloud security groups and consortiums for knowledge and building relationships.
• Be willing to work nonstandard business hours for projects, business impact issues and incident response.
• Perform other duties as assigned.

Required Qualifications:

• Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.

Preferred Qualifications:

• Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
• 5-10 years’ experience in IT and security operations, with a focus on cloud security.
• Demonstrated experience as a team lead
• Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (Chef, Puppet, Salt, Ansible).
• Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash).
• Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.
• Ability to influence technical team and business units and collaborate to reduce attack surface.
• Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).
• Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.
• Applicable knowledgeable as needed about FISMA, GDPR, PCI, CCPA, HIPAA, GLBA, Regulation P, NYDFS, etc.
• Strong written and oral communication skills across varying levels of the organization.
• Licenses: Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE

Benefit Information:

ABM offers a comprehensive benefits package.  For information about ABM’s benefits, visit:

https://www.abm.com/wp-content/uploads/2023/11/2024-Recruitment-Staff-Mgmt-11.6.23.pdf