Cloud Security Architect

Location: City of Yonkers

** City/State:
** Yonkers, New York
** Grant Funded:
** No
* * Department:
** IT - Technology & Cloud Services
*
* Work Shift:

** Day
* * Work Days:
** MON-FRI
** Scheduled

Hours:

** 9 AM-5:30 PM
** Scheduled Daily

Hours:

** 8.5 HOURS
** Pay Range:**$-$
** In office 4-6 times a year, or as needed.
*
* Key Responsibilities:

* Design, develop, and implement secure, resilient cloud architecture, aligning with business objectives and regulatory standards.
* Lead the development of blueprints, design patterns, and reusable architecture frameworks for secure cloud deployments.
* Establish and enforce best practices for securing cloud environments, including network segmentation, data encryption, and identity access management, specifically tailored for cloud services.
* Develop governance policies and guardrails for cloud usage across business units, ensuring consistent application of security controls.
* Identify, assess, and prioritize cloud security risks, implementing appropriate mitigation strategies.
* Integrate security monitoring, logging, and alerting with existing SIEM to proactively manage threats.
* Design least-privilege IAM roles, fine-grained access policies, security groups, that integrate with existing privileged access management and multi-factor authentication mechanisms.
* Integrate identity federation and single sign-on (SSO) solutions with enterprise IAM solutions.
* Architect encryption strategies for data at rest, data in transit, and data in use that integrate with the enterprise HSM.
* Develop and enforce data protection policies, ensuring sensitive data is managed securely and complies with relevant data protection regulations.
* Develop security automation practices using Infrastructure as Code (IaC) tools.
* Design and oversee the implementation of comprehensive cloud native cybersecurity solutions that protect the organization’s critical assets.
* Ensure that the company cloud architecture complies with relevant laws, regulations, and industry standards (e.g., HIPAA, HITECH, NYSDOH 405.46, HITRUST, etc.).
* Engage with external stakeholders, including vendors, partners, and regulators, to ensure the organization’s cloud cybersecurity posture is robust and aligned with industry standards.
* Lead cross-functional teams in the design and implementation of cloud native security solutions, ensuring collaboration and alignment across the organization.
* Lead the continuous improvement of the organization’s cloud cybersecurity architecture, ensuring it evolves to address new threats and challenges.
* Stay informed of the latest developments in cybersecurity, participating in professional networks and continuing education opportunities.

Required Skills and Knowledge:
** This position requires advanced skills in Terraform, Python, AWS Security Services, SCP/IAM Policy – JSON, CNAPP Tooling, AWS Config/Conformance Packs.
*** Deep understanding of cloud-based cybersecurity principles, including encryption, authentication, access control, and network security.
* Extensive experience in designing and implementing cybersecurity architectures for complex, enterprise cloud environments.
* Familiarity with common enterprise architecture frameworks including SABSA, OESA, TOGAF and similar.
* Expertise in cloud security, identity and access management (IAM), and security information and event management (SIEM) systems.
* Ability to translate research findings into practical solutions that address real-world security challenges.
* Strong strategic thinking skills, with the ability to develop and execute long-term cybersecurity plans.
* Ability to lead large-scale cybersecurity initiatives and projects, ensuring alignment with organizational goals.
* Excellent communication skills, with the ability to present complex technical information to both technical and non-technical audiences.
* Strong interpersonal skills, with the ability to build relationships and influence stakeholders at all levels of the organization.
* Experience in collaborating with cross-functional teams, including IT, legal, compliance, and business units.

Required Experience:

* Experience:

10+ years of experience in cybersecurity, with a focus on solution design,…