Cloud Security Architect

The Cloud Security Architect is a senior technical leader within the Cybersecurity organization responsible for designing, implementing, and securing cloud infrastructure across Azure, AWS, and other cloud service providers. This role works closely with Cloud Engineering, Dev Ops, and GRC teams to ensure secure configurations, robust access controls, and continuous monitoring of cloud environments. The architect provides guidance on cloud security strategy, conducts security assessments, and leads initiatives to mitigate risks associated with cloud infrastructure, containerization, and modern application deployment patterns.

• Design and implement secure cloud architectures across AWS, Azure, and GCP
• Conduct regular security assessments and ensure compliance with industry frameworks (NIST, CIS)
• Lead cloud incident response activities and participate in tabletop exercises
• Collaborate with developers and Dev Ops teams to enforce secure CI/CD and Infrastructure-as-Code practices
• Manage user access and privileged account management aligned to best practices
• Provide guidance to GRC teams on cloud security policies, IAM standards, and regulatory compliance
• Perform security reviews of cloud architecture, infrastructure, and applications, identify gaps, and implement mitigation strategies
• Manage CSPM and container security technologies, ensuring secure deployment of workloads
• Serve as a Subject Matter Expert on cloud security topics, emerging technologies, and evolving threat landscapes
• Identify and apply strategies to optimize cloud resource utilization and minimize costs
• Mentor and support the development of junior staff members
• Perform other duties as assigned and comply with all policies and standards

• Makes strategic and technical decisions independently regarding cloud security architecture and implementation
• Provides guidance and oversight to engineering teams while influencing enterprise cloud security posture

Bachelor’s Degree in Computer Science, Information Security, or related field, or equivalent combination of education and experience

10+ years of cybersecurity experience with direct cloud architecture, configuration, and support

Hands-on experience with Azure, AWS, and cloud-native security controls

Experience configuring and supporting Microsoft 365 services, including Microsoft Endpoint Manager, Microsoft Defender for Cloud, Azure AD/Entra, and ADFS

Experience with virtual machines, containers, Kubernetes, serverless, Infrastructure-as-Code, and CI/CD pipelines

Strong knowledge of Azure architecture and core services: VMs, Group Policy, MFA, Azure Networking, IPsec, NSGs, VDI, Firewalls, Functions, Management Groups, and Resource Groups

Scripting experience with Power Shell, Azure CLI, or similar tools for automation

• Strong understanding of network architecture, cloud security tools, and containerization
• Excellent leadership, communication, and interpersonal skills
• Strong analytical skills to assess risks and vulnerabilities in complex cloud environments
• Ability to collaborate across cross-functional teams and influence stakeholders

• Knowledge of programming languages such as Python, .NET, or Java
• Hands-on cloud security testing experience
• Familiarity with Azure configuration best practices