Cloud Security Architect

As a Senior Cloud Security Architect, you will lead the strategic vision for protecting our multi-cloud ecosystem. You are responsible for designing the security blueprints that govern our entire digital footprint-from identity perimeters to AI-driven threat detection. This role requires a Security as Code mindset, where you build automated guardrails that empower developers to move at speed without compromising the safety of our data or infrastructure., * Security Architecture Vision: Lead the design of a global Zero Trust architecture, ensuring robust identity governance (IAM), network micro-segmentation, and data encryption across AWS, Azure, or Google Cloud Platform.

• AI-Native Security Strategy: Architect specialized security frameworks for AI/ML pipelines, focusing on data privacy for training sets, model integrity, and securing LLM-integrated applications against emerging attack vectors.
• Automated Guardrails (Policy as Code): Develop and enforce enterprise-wide security policies using Terraform, etc., ensuring that non-compliant infrastructure is automatically remediated or blocked from deployment.
• Cloud Posture Management: Design and oversee the integration of CNAPP and CSPM tools to provide real-time visibility into misconfigurations, vulnerabilities, and excessive permissions.
• Threat Modeling & Resilience: Conduct deep-dive threat modeling for complex cloud-native systems, simulating advanced persistent threats (APTs) and blast radius scenarios to strengthen system resilience.
• Security Consultancy: Act as the lead security advisor for the Cloud Architecture team, bridging the gap between DevOps agility and rigorous regulatory compliance (SOC2)., * Zero Standing Privilege: Help Transition the organization to a Zero Standing Privilege model for all production environments.
• Automated Compliance: Help Achieve automated auditing for core compliance frameworks (e.g., NIST, CIS Benchmarks).
• Mean Time to Detect (MTTD): Utilize AI-driven monitoring to reduce the detection time of anomalous cloud activity to minimum

Skills: security blue prints, security as a code mindset, automated guardrails, zero trust architect, iam, data encryption, aws, azure and Google Cloud Platform, ai/ml pipelines, llm''''s, cnapp, cspm, apt''''s, blast radius, devops/soc2, aws security hub, azure defender, Google Cloud Platform security command center, first security, ciem, jit-just in time, oidc/saml flows, python, go or bash, sast/dast/sca, sd-wan, cloud whf, ztna-zero trust network access, 12+ years of cybersecurity, 6+ years architecting secure cloud environments, zero standing privilege, automated compliance, mttd-mean time to detect, ai driven models, Clearance: Public Trust Clearance or Higher is Preferred, Mastery of cloud-native security suites (e.g., AWS Security Hub, Azure Defender, Google Cloud Platform Security Command Center)., Expert knowledge of Identity-First Security, including CIEM, Just-In-Time (JIT) access, and complex OIDC/SAML flows., Proficiency in Python, Go, or Bash to build custom security automations and integrate with SOAR platforms., Deep experience embedding automated security testing (SAST/DAST/SCA) directly into CI/CD pipelines., Advanced understanding of secure connectivity, including SD-WAN, Cloud WAF, and Zero Trust Network Access (ZTNA).

Preferred Experience

• Experience: 12+ years in Cybersecurity, with at least 6 years focused on architecting secure cloud environments at scale.
• Certifications: Top-tier credentials.
• Education: Advanced degree in Computer Science, Cybersecurity, or a related engineering field preferred. BS degree from an accredited College/University in the applicable field of services is required, or four additional years of relevant experience in lieu of a college degree. If the individual''''s degree is not in the applicable field then four additional years of related experience is required.
• Soft Skills: Strong ability to bridge the gap between Speed of DevOps and Rigors of Security while communicating clearly with executive leadership
• Leadership: Proven ability to influence technical roadmaps and present security risks clearly to C-suite stakeholders.