Cloud Security Architect
Role details
Job location
Tech stack
Job description
-
Lead cloud security architecture for the Data Center Exit migration to AWS EC2.
-
Design and implement AWS Landing Zone security including IAM guardrails, SCPs, and logging.
-
Conduct application and infra vulnerability assessments and define remediation plans.
-
Implement WAF rules, firewall policies, secure segmentation, and endpoint protection.
-
Validate authentication, authorization, and encryption models for all migrated workloads.
-
Support secure deployment practices, code reviews, and remediation of development gaps.
-
Integrate SIEM systems with AWS native security tools for continuous monitoring.
-
Define and enforce cloud security baselines aligned with CIS, NIST, and ISO controls.
-
Lead penetration testing cycles and coordinate mitigation activities.
-
Produce security HLD/LLD, risk assessments, and operational security runbooks.
Requirements
Do you have experience in Zero Trust security?, Do you have a Bachelor's degree?, Must Have Technical/Functional Skills
-
Strong expertise in AWS cloud security architecture including IAM, KMS, GuardDuty, and CloudTrail.
-
Deep understanding of AWS Landing Zone, SCPs, governance, and enterprise security guardrails.
-
Experience with security for custom applications including vulnerability identification and remediation.
-
Proficiency with VAPT tools such as Nessus, Qualys, Burp Suite, Fortify, and Checkmarx.
-
Strong understanding of WAF, firewall management, IDS/IPS, and network segmentation.
-
Knowledge of OS-level security for Windows Server 2016-2025 and RHEL 7/8/9.
-
Familiarity with securing Java, .NET, TIBCO ESB, and integration-heavy workloads.
-
Understanding of database security for Oracle 19c, Exadata on AWS, and SQL Server.
-
Ability to apply Zero Trust, least privilege, encryption, and secure-by-design principles.
-
Strong collaboration skills across infra, app, DB, network, and DevOps teams., * Hands-on experience designing secure AWS multi-account Landing Zones and guardrail policies.
-
Strong understanding of EC2 security, IAM, encryption, and identity federation models.
-
Integration knowledge for Oracle Exadata on AWS, SQL Server, and middleware security flows.
-
Experience with AWS WAF, Shield, GuardDuty, Security Hub, and detective controls.
-
Ability to design security for EKS workloads including pod/network policies and image scanning.
-
Understanding of security in hybrid cloud migrations and AWS migration tooling., Qualifications : BACHELOR OF COMPUTER SCIENCE