Cloud Security Architect

About The Position

Requirements

• Bachelor’s degree or equivalent work experience in Computer Science, Cybersecurity, Information Systems, or a related field.
• 8+ years of hands-on information security experience, with at least 3 years in a dedicated security architecture role.
• Strong experience with Microsoft Azure security services and architecture.
• Demonstrable ability to evaluate and secure configurations across identity, networking, compute, storage, and platform services.
• Proficiency in at least one scripting or programming language (Python or PowerShell preferred; other languages acceptable).
• Proven ability to design and implement Infrastructure as Code (IaC) for security automation and baseline enforcement.
• Strong understanding of regulatory and compliance frameworks such as ISO 27001, NIST, HITRUST, and/or SOC 2.
• Proficiency with authentication and authorization protocols such as SAML, OAuth/OIDC, and LDAP.
• Demonstrated ability to work independently, analyze complex environments, and produce clear, actionable documentation with minimal supervision.
• Excellent communication and interpersonal skills, with the ability to collaborate across technical and non-technical teams and to influence without authority.

Nice To Haves

• Experience with AWS and/or Oracle Cloud Infrastructure in addition to Azure.
• Experience with Microsoft 365, specifically Entra ID, Conditional Access, and Privileged Identity Management (PIM).
• Networking and firewalling experience, including implementation of next-generation firewalls (NGFW) in cloud environments.
• Experience securing microservices, serverless, and container-based architectures.
• Experience with securing AI/ML services and platforms, with a focus on data privacy, access control, and secure model deployment.
• Relevant certifications such as Azure Security Engineer (AZ-500), Azure Solutions Architect (AZ-305 or AZ-104), AWS Security Specialty, AWS Solutions Architect, or similar.

Responsibilities

• Lead security architecture assessments for new and existing applications, systems, and integrations across cloud and hybrid environments.
• Partner with product engineering, DevOps, and compliance teams to develop secure architecture patterns that address data protection, access control, network segmentation, and resilience.
• Participate in threat modeling exercises to proactively identify security risks and guide secure design decisions.
• Assess and validate security requirements for new and emerging technologies, including Artificial Intelligence (AI) services and platforms.
• Serve as the primary subject matter expert for cloud security, with a strong emphasis on Microsoft Azure.
• Evaluate and improve configurations across identity, networking, compute, storage, and platform services.
• Analyze and document the current cloud environment, identify security gaps, and develop prioritized remediation roadmaps.
• Design and implement cloud security policies, and guardrails using cloud-native tooling (e.g., Azure Policy, AWS Service Control Policies).
• Author scripts and automation (Python, PowerShell, or similar programming languages) to audit, monitor, and remediate undesirable configurations within the environment.
• Design and implement Infrastructure as Code (IaC) to enforce security baselines, automate deployments, and ensure repeatable, auditable configurations.
• Function as a subject matter expert across multiple security domains including cloud security posture management, identity and access management (IAM), and server/endpoint protection.
• Provide input into strategic security initiatives and roadmaps, helping shape the direction of the security program.
• Stay current with emerging threats and industry trends.
• Assist with monitoring and evaluating the effectiveness of information security safeguards and remediating discovered gaps.
• Occasionally serve as a subject matter expert during incident response activities, providing expertise in root cause analysis and remediation.
• Coordinate with business stakeholders to ensure that the introduction or enhancement of security controls does not adversely impact operations.

Benefits

• medical, dental and vision coverage to employees and dependents
• a 401(k) plan with a generous employer match
• an employee stock purchase plan
• a generous Paid Time Off policy
• paid parental leave and adoption assistance
• Wellness Program supports employee total well-being by providing free annual health screenings and coaching, bank at work, and on-site workshops, as well as ongoing programs recognizing major events in the lives of our employees throughout the year.