Principal Cloud Security Architect

Nextracker Inc.•Fremont, CA

52d•$220,000 - $250,000

About The Position

We are seeking a highly skilled Principal Cloud Security Architect with deep experience designing and securing distributed systems that span embedded devices, edge components, and cloud-based infrastructures. This individual will be responsible for evaluating and supporting the security of our cloud-connected robotic and inspection products. They will also support the creation of cloud-based multiple product integrations, both within the company and with partner customers and companies. The ideal candidate will combine strong software engineering skills with expertise in cybersecurity, secure coding, and modern cloud technologies. You will play a critical role in evaluating system designs, reviewing code, and ensuring secure deployments across the full technology stack.

Requirements

Bachelor's or Master's degree in Computer Science, Electrical Engineering, Software Engineering, or related field.
7-10+ years of professional experience in software architecture, system design, or cybersecurity engineering.
Proven experience designing distributed or hybrid cloud systems (AWS, Azure, or GCP).
Hands-on coding experience in one or more modern languages (Python, C/C++, Go, Java, or Rust).
Experience evaluating and enforcing secure coding design, particularly in evaluating risks in deploying cloud-connected embedded devicies.
Experience implementing effective CI/CD scanning and analysis tools.
Strong understanding of embedded software principles, real-time systems, and device-to-cloud communication (MQTT, REST, gRPC, etc.).
Familiarity with infrastructure-as-code (Terraform, CloudFormation) and container orchestration (Kubernetes, Docker) and the key methods of baking security into those products.
Knowledge of common vulnerabilities and exposures (CVEs), and mitigation strategies in both embedded and cloud contexts.

Nice To Haves

Experience with zero-trust architectures, identity management (OAuth2, JWT, IAM), and secure OTA updates.
Background in industrial IoT, energy systems, or mission-critical control environments.
Contributions to open-source security tools or frameworks.
Security certifications such as CISSP, CEH, CSSLP, or AWS/Azure Security Specialty.

Responsibilities

Evaluate and document end-to-end system architectures integrating embedded, edge, and cloud components.
Evaluate and coordinate efforts to establish integrated solutions between multiple product-specific systems.
Establish and maintain secure coding and deployment standards.
Drive adoption of DevSecOps principles and security automation throughout CI/CD pipelines.
Perform code reviews and threat modeling for embedded, backend, and cloud software.
Collaborate with IT and product security teams to ensure compliance with security frameworks (e.g., ISO 27001, NIST, OWASP, or similar).
Evaluate new technologies, frameworks, and tools for secure and efficient deployment.
Work closely with firmware, backend, and cloud engineering teams to define interfaces and data security requirements.
Partner with product management and operations to align architecture with product roadmaps and reliability goals.