Cloud Security Architect

WHO YOU'LL WORK WITH

You’ll be based in our Atlanta or Waltham office as part of our Information Security team supporting our organization on a range of cloud/information security initiatives to implement data protection, cloud secure posture and risk management within their cloud environments. The activities include securing infrastructure as code, configuration management, accessing identity and access management, network security across multi-cloud environments, event monitoring and reporting, secure SDLC, risk assessments, cloud infrastructure entitlement management and incident response.

WHAT YOU'LL DO

As a Cloud Security Architect, you will enable the firm to leverage various Cloud technologies. With a thorough understanding of cloud architecture and Secure by Design, The Cloud Security Architect designs, develops, manages robust / secure / highly available and dynamic solutions for information systems intended to drive business objectives. The Cloud Security Architect should be proficient in all aspects of cloud security including identity &access management, defining organizational structure & policies, as well as utilizing cloud-native and third-party technologies.You will also be responsible for the maintenance of existing Cloud Security operational tasks and the continuous development of new security processes. Key to this role is ensuring that policies, controls, and solutions are continually monitored and improved, in response to new threats and business operations. The Cloud Security Architect will implement and maintain information security solutions to support multiple Cyber Security Frames such as NIST CSF, CIS, CSA, ISO27001, etc. You will provide cloud security standards & best practices within cloud environments designed for data protection, Cloud Secure Posture Management, and Risk Mitigation. The Cloud Security Architect will also support client-facing consulting services with technical assistance to all areas of the company, including supporting client engagements.

QUALIFICATIONS

• Bachelor's or master's degree in information security, computer science or other technical discipline
• Practitioner experience working with cloud providers (e.g., AWS, Azure, GCP)
• Automation mindset and experience (e.g., Cloud Formation, Terraform, Ansible, Python)
• Technical understanding of a range of enterprise IT infrastructure and architectures for private, public and hybrid cloud models including web applications, databases, operating systems, servers and networking technologies
• Working knowledge of information security controls, guidelines and standards (e.g., ISO27000 series, OWASP, CSA CCM, CIS 20 Critical Security Controls, SOC 2, and NIST)
• Good understanding of privacy and data protection regulations (e.g., PCI DSS, HIPAA, FedRAMP or EU GDPR)
• Experience with a range of security technologies, processes and tooling around vulnerability management, patch management, firewalling, networking including IAM, SIEM/SOC, and DLP
• Experience designing, planning, implementing, provisioning and managing a cloud solution architecture