10871 - Cloud Security Architect "SAE"

About The Position

Requirements

• Experience: 10+ years of experience in Cloud Security, Security Architecture, or Cloud Infrastructure, with significant architecture responsibility. Deep hands-on experience designing secure architectures in AWS, Azure, and GCP. Demonstrated experience defining and governing Cloud Security Standards.
• Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field.
• Technical Expertise: Strong experience architecting cloud logging pipelines and SIEM integrations for security operations. Proven expertise designing and operating Cloud Security Posture Management (CSPM) at enterprise scale. Strong understanding of Cloud-native security services, Identity, networking, and data protection in cloud environments, and Cloud threat models and attack paths. Strong troubleshooting and collaboration skills.
• Language Skills: Excellent stakeholder management and communication skills. Proficient in English for effective communication and coordination.

Nice To Haves

• Experience: Hands on experience with CSPM tools such as Prisma Cloud, Wiz, Lacework or similar. Architecture experience in large-scale, multi-cloud enterprise environments. A working understanding of cloud security frameworks and benchmarks (e.g. CIS).
• Education and Certifications: Masters degree in Cybersecurity, Information Technology, Computer Science or a related discipline is preferred. Industry-recognized credentials such as CISSP, CISM, or cloud specific certifications for AWS, Azure or GCP security are highly desirable.
• Language Skills: Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication.

Responsibilities

• Cloud Security Architecture & Strategy: Define and maintain the Cloud Security Architecture for AWS, Azure, and GCP environments.
• Establish secure reference architectures, design patterns, and guardrails for: Identity and access management, Network segmentation and connectivity, Data protection and encryption, Workload and platform security
• Translate threat models, risk requirements, and business needs into actionable cloud security architecture.
• Cloud Security Standards Ownership: Own the Cloud Security Standard across all cloud providers, including: Strategic direction, Technical depth and consistency, Lifecycle management and iteration
• Ensure the standard is: Provider-aware yet provider-agnostic where possible, Aligned with evolving cloud services and architectures, Consistently adopted through design reviews, patterns, and automation
• Provide architectural guidance and risk issue and exceptions analysis as part of the Risk Operation Processes, when deviations are required.
• Logging, Monitoring & Detection Architecture: Define the cloud logging and monitoring architecture across AWS, Azure, and GCP.
• Ensure cloud-native and security-relevant logs are: Standardized across providers, Reliably ingested into centralized log management and SIEM platforms, Structured to support detection engineering, incident response, and forensic analysis
• Partner with Security Operations to align logging architecture with detection and response use cases.
• Cloud Security Posture Management (CSPM) Architecture: Define the organization’s CSPM strategy and architecture across multi-cloud environments.
• Establish: CSPM policy baselines, Risk-based prioritization models, Integration patterns with risk and remediation workflows
• Ensure CSPM capabilities scale with cloud adoption and provide meaningful security signal rather than noise.
• Guide engineering teams on remediation patterns and sustainable control implementation.
• Cross-Functional Influence & Governance: Act as a trusted security architecture advisor to: Customers, Cloud Platform and Infrastructure teams, Application and DevOps teams, Integrated Risk Management and Audit partners
• Lead cloud security design reviews and architecture discussions.
• Support risk assessments, audits, and regulatory inquiries related to cloud security architecture.