Senior Principal Cloud Security Architect

Application window closes on 15 May 2026.

At Mini Med, you can begin a lifelong career of exploration and innovation, while helping make a difference in the lives of people living with diabetes around the globe. You will lead with purpose, breaking down barriers to innovation for a more connected, compassionate world.

The Senior Principal Cloud Security Architect is the single‑threaded owner of cloud security architecture, standards, and control design across cloud environments, with a primary focus on AWS and support for Azure and Google Cloud Platform (GCP). This role defines and enforces security guardrails, reference architectures, and control frameworks that ensure cloud platforms are secure‑by‑default, auditable, and aligned with regulatory and enterprise risk requirements.

This is a control‑plane role; the architect owns what secure looks like and ensures those standards are implemented through Platform Engineering and enforced through automation and governance mechanisms. The role partners closely with Cloud Platform Engineering, Cloud Operations, and Cybersecurity to drive consistent, scalable, and enforceable security across all cloud environments.

• Define and own cloud security architecture and standards across AWS, with aligned patterns for Azure and GCP.
• Establish secure‑by‑default reference architectures covering identity, network segmentation, encryption, logging, and workload isolation.
• Develop and maintain security guardrails, patterns, and blueprints that are implemented through platform services.

• Define security control frameworks and ensure alignment with regulatory, audit, and enterprise risk requirements.
• Partner with Platform Engineering to implement controls as policy‑as‑code, guardrails, and automated enforcement mechanisms.
• Establish and govern exception processes, including risk acceptance, time‑bound approvals, and remediation tracking.

• Define identity and access management (IAM) standards including role design, least privilege access, federation, and service‑to‑service authentication.
• Ensure consistent identity patterns across AWS, Azure, and GCP aligned to enterprise identity providers and zero‑trust principles.
• Partner with Identity and Security teams to integrate cloud platforms into enterprise IAM and IGA systems.

• Define network segmentation, traffic inspection, and secure connectivity patterns within and across cloud environments.
• Establish standards for data protection, including encryption, key management, data classification, and data residency controls.
• Ensure consistent implementation of security controls for ingress, egress, and east‑west traffic.

• Define requirements for logging, monitoring, and detection across cloud platforms, ensuring auditability and security visibility.
• Partner with Security Operations and Cloud Operations to ensure detection capabilities are actionable and aligned with incident response processes.
• Ensure security telemetry is consistently captured and integrated into enterprise monitoring and SIEM platforms.

• Work with Platform Engineering to translate security standards into reusable platform capabilities and default configurations.
• Ensure security controls are embedded into account provisioning, infrastructure templates, and CI/CD pipelines.
• Enable product teams to inherit security controls through platform consumption rather than custom implementation.

• Support audits, regulatory reviews, and control assessments by providing clear documentation and evidence of control design and enforcement.
• Reduce risk through preventive controls and automated enforcement rather than reactive remediation.
• Partner with Cybersecurity and Risk teams to align cloud security posture with enterprise standard.

Requires 10+ years of experience with a bachelor’s degree or 8+ years of experience with an advanced degree or 12+ years of experience with a high school diploma or equivalent.