Cloud Architect

The Cloud Security Architect will play a critical role in ensuring the security of our clients' digital infrastructure, applications, and data assets. This individual will lead efforts to design, implement, and maintain robust, cloud-based security solutions that protect our clients from cyber threats and vulnerabilities.

As a member of the information security team, the Cloud Security Architect will play a key leadership role in the InfoSec function of security architecture and provide guidance to other enterprise teams for all cloud security-related matters in Azure.

This is a full-time, exempt, remote position.

Responsibilities:

• Design, implement, and maintain robust security architecture across our client's cloud infrastructure in Azure.
• Identify security gaps, define security standards, and lead the remediation of security risks to deliver continuous improvement initiatives.
• Design and implement secure cloud infrastructure configurations, including network segmentation, access controls, and account architecture
• Develop, implement, and socialize technical patterns, standards, and guidance for cloud infrastructure and applications
• Monitor cloud security posture and conduct regular security assessments and risk analysis to identify vulnerabilities and prioritize remediation efforts
• Automate security policies and workflows using scripting languages and cloud native security tools to improve efficiency and scalability
• Assist with incident response activities for cloud-related security incidents, including investigation, containment, remediation, and post-mortem analysis.
• Collaborate with cross-functional teams (Product, DevOps, Technology, Legal, and Compliance to integrate security practices into cloud deployments.

Requirements:

• Deep technical knowledge and hands-on experience with Azure and emerging cloud security technologies.
• Expert level knowledge of cloud-based misconfigurations, attack paths, vulnerabilities, and data risks
• Extensive knowledge and experience with DevSecOps in an Azure environment and securing CI/CD Pipelines
• Azure focused Infrastructure as Code (IaC) proficiency with experience deploying secure infrastructure (Bicep/Terraform/ARM)
• Strong Azure security fundamentals and experience administering Entra ID tenants and all associated objects and resources
• Azure VNet experience – Understanding of Azure native NGSs, firewalls, and VPNs
• Hands-on experience implementing CNAPP solutions (including CSPM, DSPM, CIEM, IaC, Container, and dependency security)
• Demonstrated experience developing and implementing security controls, policies, and procedures for cloud infrastructure and sensitive data
• In-depth understanding and experience implementing Zero Trust Architecture (ZTA) in the cloud
• Strong familiarity with Snowflake and related security concepts, including data encryption and masking, auditing and monitoring, RBAC, and leveraging least privilege principles.
• Prior experience implementing and monitoring data loss prevention solutions in a cloud environment
• Experience with implementing and utilizing SASE solutions like Zscaler to secure remote access

Supervisory Responsibilities:

• None.

Experience:

• 10 Years of overall IT Experience with a major emphasis on Information Security.
• 3 Years of experience building and integrating systems within cloud providers.
• Strong knowledge of cloud providers (Azure).
• Knowledge of cybersecurity frameworks (ISO 27001, NIST 800-53, CIS Controls, PCI DSS, HITRUST).

Education:

• Bachelor’s degree preferred.
• Cloud Security Certifications, CISSP or CCSP certifications are preferred.