Cloud Security Architect
Posted on Nov 21, 2021 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Fortune 500 Company is currently seeking a Cloud Security Architect. Candidate serves as the senior most expert within the Information Security discipline. Unlike traditional security functions, the Security Architect demonstrates a firm competence in the ability to evaluate security strengths and weaknesses across the broader enterprise, aligning to risk appetite, business requirements, and security control objectives.
- Security Consultation: Represent Information Security for IT projects and solutions
- Security analysis and guidance: Work with Architects and Infosec members to continuously benchmark company security posture, capability, and maturity against Industry benchmarks.
- Security Standards and Solutions; working with Architects and SMEs, establish security standards to prevent later re-work while driving maturity, efficiency, and effectiveness.
- Demonstrated experience in driving security maturity, effectiveness, automations, standardization, and efficiency across the technology environment.
- 9+ years of IT Security Experience. Industry certifications are highly desired (ie CISSP, CCSP, CISSP/CCSK, or other vendor-specific offerings)
- Highly technical and analytical expertise, with a proven background in security technology design. This individual must be comfortable providing metrics,
- analysis, and quantitative/qualitative evidence.
- Cloud security expertise across leading cloud providers such as Amazon AWS, Microsoft Azure, and Google Cloud
- Understanding of containers (eg, Docker) and container orchestration technologies (eg, Docker Swarm, Kubernetes), and microservices architecture
- Understanding of CloudFormation, Terraform, Ansible, Jenkins, and other Infrastructure as Code solutions.
- Comprehensive experience in security tools and services (Vulnerability Management, platform, cloud, infrastructure, etc)
- Proficiency in frameworks such as MITRE ATT&CK
- Understand OIDC/OAuth/SAML architecture and use patterns.
- Experience or background in NIST, ISO27001, NICE or other security-related control framework.
- Capable of Scripting in Python, Bash, Perl or Powershell ideal.