Cloud Security Architect (AWS)

About The Position

Requirements

• Bachelor’s degree in computer science, Information Security, or a related technical discipline, or equivalent practical experience with 6-8 years of strong experience.
• Strong hands-on understanding of public cloud infrastructure components and architectures, with demonstrated ability to identify and mitigate security risks in decentralized, hybrid, and multi-account cloud environments.
• Solid understanding of information security principles, risk management, and compliance frameworks, and how they apply to large-scale public cloud platforms.
• Proven experience designing, building, and securing AWS-based cloud environments, with meaningful hands-on experience in Azure; exposure to GCP is a plus.
• Ability to automate security processes end-to-end and collaborate closely with cloud engineering and product teams to integrate security into CI/CD pipelines and development workflows.
• Proficiency in at least one modern scripting or programming language (e.g., Python, Go, or Node.js) for automation, tooling, and integrations.
• Strong foundational knowledge of IP networking concepts, including routing, VPNs, DNS, and network segmentation in cloud environments.
• Hands-on experience in several of the following areas: Cloud security administration across AWS, Azure, and/or GCP Designing and securing serverless applications and managed cloud services Infrastructure-as-Code tools such as Terraform, CloudFormation, or Ansible Command-line tooling (Bash, PowerShell, AWS CLI, Azure CLI) Container and orchestration technologies (Docker, Kubernetes) Cloud network architecture and VPC/VNet engineering Cloud-native security services (e.g., AWS GuardDuty, Azure Defender for Cloud, GCP Security Command Center, WAF) Source control and pipeline security (e.g., GitHub Security features)
• Excellent verbal and written communication skills, with the ability to clearly articulate complex technical concepts to both technical and non-technical audiences.
• Demonstrated ability to manage multiple priorities and remain effective in a fast-paced, rapidly changing environment.
• Strong curiosity and commitment to continuous learning, with a desire to stay current on emerging cloud security threats, tools, and best practices.

Nice To Haves

• One or more current cloud provider certifications demonstrating advanced knowledge of cloud architecture and security, such as: AWS: Solutions Architect (Associate or Professional), Security – Specialty Azure: Azure Fundamentals, Azure Solutions Architect Expert GCP: Associate Cloud Engineer, Professional Cloud Security Engineer
• Industry-recognized security certifications reflecting a strong security foundation, such as CISSP or CompTIA Security+.
• Hands-on experience with cloud security platforms and tooling, including CSPM/CNAPP solutions (e.g., Wiz), SIEM and observability tools (e.g., Splunk), and cloud risk or asset management platforms (e.g., Brinqa).
• Experience integrating security tooling and workflows with engineering collaboration platforms such as Slack, Jira, and CI/CD pipelines.

Responsibilities

• Serve as a Cloud Security Subject Matter Expert (SME) for Warner Bros. Discovery’s Information Security organization, providing authoritative guidance on public cloud security architecture and engineering.
• Proactively identify cloud security risks across AWS, Azure, and GCP environments, design pragmatic mitigation strategies, and lead or influence implementation efforts in partnership with engineering teams.
• Design and produce clear, actionable architecture and security design artifacts to enable the Cloud Security team to implement solutions, whether developed in-house or delivered via third-party vendors.
• Partner closely with product and platform engineering teams to design, review, and validate secure network, compute, container, and serverless architectures.
• Provide hands-on IAM guidance, including policy design and review, to ensure least-privilege access models are consistently implemented across cloud environments.
• Review cloud architecture and AI/ML workloads to advise development teams on secure design patterns, data protection, identity controls, and potential security gaps prior to deployment.
• Engage with public cloud service providers to evaluate and influence security features, roadmap capabilities, and best-practice implementations.
• Evaluate cloud security vendors and tools (including CSPM/CNAPP platforms), conduct proof-of-value assessments, and provide recommendations based on technical fit and risk reduction.
• Mentor and support junior cloud security team members through technical guidance, design reviews, and knowledge sharing.
• Develop and maintain cloud security documentation, including architectural standards, reference designs, configuration guidelines, and operational processes.
• Collaborate with senior leadership and cross-functional stakeholders to assess current and future cloud security requirements and align solutions with business and technology strategy.
• Continuously stay current with emerging cloud threats, attack techniques, and security tooling, applying this knowledge to improve WBD’s cloud security posture.

Benefits

• health insurance coverage
• an employee wellness program
• life and disability insurance
• a retirement savings plan
• paid holidays and sick time and vacation