Principal Cloud Security Architect

About The Position

Requirements

• Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, Software Engineering, or related field.
• 7-10+ years of professional experience in software architecture, system design, or cybersecurity engineering.
• Proven experience designing distributed or hybrid cloud systems (AWS, Azure, or GCP).
• Hands-on coding experience in one or more modern languages (Python, C/C++, Go, Java, or Rust).
• Experience evaluating and enforcing secure coding design, particularly in evaluating risks in deploying cloud-connected embedded devicies.
• Experience implementing effective CI/CD scanning and analysis tools.
• Strong understanding of embedded software principles, real-time systems, and device-to-cloud communication (MQTT, REST, gRPC, etc.).
• Familiarity with infrastructure-as-code (Terraform, CloudFormation) and container orchestration (Kubernetes, Docker) and the key methods of baking security into those products.
• Knowledge of common vulnerabilities and exposures (CVEs), and mitigation strategies in both embedded and cloud contexts.

Nice To Haves

• Experience with zero-trust architectures, identity management (OAuth2, JWT, IAM), and secure OTA updates.
• Background in industrial IoT, energy systems, or mission-critical control environments.
• Contributions to open-source security tools or frameworks.
• Security certifications such as CISSP, CEH, CSSLP, or AWS/Azure Security Specialty .

Responsibilities

• Evaluate and document end-to-end system architectures integrating embedded, edge, and cloud components.
• Evaluate and coordinate efforts to establish integrated solutions between multiple product-specific systems.
• Establish and maintain secure coding and deployment standards.
• Drive adoption of DevSecOps principles and security automation throughout CI/CD pipelines.
• Perform code reviews and threat modeling for embedded, backend, and cloud software.
• Collaborate with IT and product security teams to ensure compliance with security frameworks (e.g., ISO 27001, NIST, OWASP, or similar).
• Evaluate new technologies, frameworks, and tools for secure and efficient deployment.
• Work closely with firmware, backend, and cloud engineering teams to define interfaces and data security requirements.
• Partner with product management and operations to align architecture with product roadmaps and reliability goals.

Benefits

• Nextracker offers a comprehensive benefits package.
• We provide health care coverage, dental and vision, 401(K) participation including company matching, company paid holidays with unlimited paid time off, generous discretionary company bonuses, life and disability protection and more.
• Employees in certain positions may be eligible for stock compensation.
• All plans are in accordance with relevant plan documents.
• For more information on Nextracker’s benefits please view our company website at www.nextracker.com .
• Pay is based on market location and may vary based on factors including experience, skills, education and other job-related reasons.
• The annual salary range for this position is $220,000 - $250,000.