Cloud Security Architect - St. Louis, MO
Listed on 2026-07-16
-
IT/Tech
Cybersecurity, Systems Engineer, Information Security
Cloud Security Architect - St. Louis, MO
We are looking for a Cloud Security Architect to serve as the embedded security authority within our software engineering team. This is a hands-on technical role — not a compliance or audit seat. We're looking for someone who has built and hardened real cloud infrastructure, understands how engineers think, and can help us make security decisions that are pragmatic and grounded in how our systems work.
You'll own our security posture across Azure, Kubernetes, and our infrastructure-as-code practices, while also serving as the go-to resource for engineers working through security challenges day to day. If you've come up through Dev Ops or platform engineering and grown into security ownership, this role was written for you.
A Day In The Life Every day at Hubbell is different and you'll contribute in many ways. On any given day, you'll make a difference by:
- Security Best Practices & Architecture Guidance
- Define and champion security best practices across our software solutions and development lifecycle, with a focus on our Azure-hosted infrastructure.
- Review Terraform configurations and infrastructure-as-code changes to identify security misconfigurations and ensure alignment with policy and compliance requirements.
- Establish and maintain security standards for our Kubernetes environments (AKS and EKS), including RBAC policies, network segmentation, secrets management, and container security.
- Review architecture and design decisions to identify and mitigate security risks early.
- Develop and maintain security guidelines, standards, and reference architectures for the engineering team.
- Security Advisory & Decision Support
- Act as the in-house security expert — available to help the team make well-informed, security-conscious decisions.
- Evaluate third-party tools, vendors, and integrations from a security perspective.
- Provide guidance on threat modeling, risk assessment, and security trade-offs.
- Compliance & Standards Ownership
- Own and maintain our compliance posture in alignment with the standards and frameworks established by our external cybersecurity team.
- Participate in SOC 2 audit activities, including control execution, evidence collection, and direct engagement with auditors when needed.
- Proactively identify compliance gaps and drive remediation efforts in partnership with engineering leads.
- Serve as the primary liaison between the software team and the external cybersecurity organization.
- RFP & Security Questionnaire Response
- Lead the completion of security questionnaires as part of the RFP and sales process.
- Maintain accurate, up-to-date documentation of our security posture to streamline future questionnaire responses.
What will help you thrive in this role?
Required 8+ years in a Dev Ops, platform engineering, or cloud infrastructure role with meaningful security ownership — or an equivalent blend of engineering and security experience. Hands-on experience securing Azure environments, including Azure AD/Entra , IAM, and network security controls. Experience reviewing and hardening Terraform and other infrastructure-as-code for security misconfigurations and policy compliance. Working knowledge of Kubernetes security in managed environments (AKS and/or EKS), including RBAC, network policies, secrets management, and container image scanning.
Participated in at least one SOC 2 audit cycle — familiar with control mapping, evidence collection, and working with auditors. Comfortable translating technical security posture into RFP questionnaire responses and compliance documentation. Proven ability to communicate with engineers at a peer level and with non-technical stakeholders without losing either audience. Bachelor's degree in computer science, engineering, or a related field.
Preferred Background in Dev Sec Ops — integrating security tooling (Checkov, Mend, Checkmarx, or other SCA/SAST/DAST tooling) into CI/CD pipelines. Familiarity with AKS security controls, including Azure Policy for Kubernetes, Defender for Containers, and container image scanning via ACR AZ-500 (Microsoft Azure Security Engineer) or similar cloud-focused certification. Exposure to AWS security…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).