Cloud Security Architect

This is a remote position.

Position Summary:

• The Cloud security architect will play a critical role in ensuring the security of our client's digital infrastructure, applications, and data assets. This individual will lead efforts to design, implement and maintain robust, cloud-based security solutions that protect our client from cyber threats and vulnerabilities.
  
• As a member of the information security team, the Cloud Security Architect will play a key leadership role in the InfoSec function of security architecture and provide guidance to other enterprise teams for all cloud security related matters in Azure.
  

This is a full-time, exempt, remote position.

Base Salary Range: $180,000 - $200,000

Specific Responsibilities:

• Design, implement, and maintain a robust security architecture across our client's cloud infrastructure in Azure.
  
• Identify security gaps, define security standards, and lead the remediation of security risks to deliver continuous improvement initiatives.
  
• Design and implement secure cloud infrastructure configurations including network segmentation, access controls, and account architecture
  
• Develop, implement, and socialize technical patterns, standards and guidance for cloud infrastructure and applications
  
• Monitor cloud security posture and conduct regular security assessments and risk analysis to identify vulnerabilities and prioritize remediation efforts
  
• Automate security policies and workflows using scripting languages and cloud native security tools to improve efficiency and scalability
  
• Assist with incident response activities for cloud-related security incidents, including investigation, containment, remediation, and post-mortem analysis.
  
• Collaborate with cross-functional teams (Product, DevOps, Technology, Legal and Compliance) to integrate security practices into cloud deployments.
  

Requirements

Qualifications:

• Deep technical knowledge and hands-on experience with Azure and emerging cloud security technologies.
  
• Expert level knowledge of cloud-based misconfigurations, attack paths, vulnerabilities, and data risks
  
• Extensive knowledge and experience with DevSecOps in an Azure environment and securing CI/CD Pipelines
  
• Azure focused Infrastructure as Code (IaC) proficiency with experience deploying secure infrastructure (Bicep/Terraform/ARM)
  
• Strong Azure security fundamentals and with experience administering Entra ID tenants and all associated objects and resources
  
• Azure VNet experience – Understanding of Azure native NGSs, firewalls, and VPNs
  
• Hands-on experience implementing CNAPP solutions (including CSPM, DSPM, CIEM, IaC, Container and dependency security)
  
• Demonstrated experience developing and implementing security controls, policies, and procedures for cloud infrastructure and sensitive data
  
• In-depth understanding and experience implementing Zero Trust Architecture (ZTA) in the cloud
  
• Strong familiarity with Snowflake and related security concepts including data encryption and masking, auditing and monitoring, RBAC and leveraging least privilege principles.
  
• Prior experience implementing and monitoring data loss prevention solutions in a cloud environment
  
• Experience with implementing and utilizing SASE solutions like Zscaler to secure remote access
  

Supervisory Responsibilities:

• None.
  

Experience:

Benefits

Our client offers competitive compensation along with an extensive benefits package for all full-time employees, including medical, dental and vision coverage, tuition assistance and a 401k. They​ offer full-time remote work to all staff from any location and maintain a physical office in downtown Washington, DC.