Senior Cloud Security Architect

About The Position

Requirements

• 12+ years of experience in Cybersecurity, with at least 6 years focused on architecting secure cloud environments at scale
• Demonstrated expertise designing and implementing Zero Trust architectures across multi-cloud environments (AWS, Azure, or GCP)
• Expert knowledge of Identity-First Security, including Cloud Infrastructure Entitlement Management (CIEM), Just-In-Time (JIT) access provisioning, and complex OIDC/SAML federation flows
• Hands-on proficiency with cloud-native security suites: AWS Security Hub, Azure Defender, and/or GCP Security Command Center
• Experience developing Policy as Code frameworks using Terraform or equivalent IaC tooling for automated compliance enforcement
• Proficiency in scripting and automation languages (Python, Go, or Bash) for custom security automations and SOAR platform integration
• Deep experience embedding security testing (SAST/DAST/SCA) into CI/CD pipelines within a DevSecOps framework
• Advanced understanding of secure cloud networking, including SD-WAN, Cloud WAF, and Zero Trust Network Access (ZTNA)
• Working knowledge of CNAPP and CSPM tooling for cloud posture management and misconfiguration remediation
• Familiarity with regulatory and compliance frameworks including NIST, CIS Benchmarks, and SOC 2

Nice To Haves

• Advanced degree in Computer Science, Cybersecurity, or a related engineering discipline
• Active top-tier security certifications (e.g., CISSP, CCSP, AWS Security Specialty, GCP Professional Cloud Security Engineer, Azure Security Engineer Associate, or equivalent)
• Prior experience in a federal government or public-sector consulting environment; familiarity with FedRAMP and FISMA compliance
• Experience architecting security frameworks for AI/ML pipelines and LLM-integrated applications
• Proven track record implementing Zero Standing Privilege models in large enterprise or government environments
• Experience operating at the executive advisory level, presenting security risk posture and roadmap to C-suite leadership
• Familiarity with SOAR platforms and AI-driven threat detection tooling for cloud environments

Responsibilities

• Lead the design of a global Zero Trust architecture, ensuring robust identity governance (IAM), network micro-segmentation, and data encryption across AWS, Azure, and/or GCP
• Architect specialized security frameworks for AI/ML pipelines, focusing on data privacy for training sets, model integrity, and securing LLM-integrated applications against emerging attack vectors
• Develop and enforce enterprise-wide security policies using Infrastructure-as-Code tools (e.g., Terraform), ensuring non-compliant infrastructure is automatically remediated or blocked from deployment
• Design and oversee integration of CNAPP and CSPM tools to provide real-time visibility into misconfigurations, vulnerabilities, and excessive permissions
• Conduct deep-dive threat modeling for complex cloud-native systems, simulating advanced persistent threats (APTs) and blast-radius scenarios to strengthen system resilience
• Drive the organization's transition to a Zero Standing Privilege model for all production environments
• Achieve automated auditing for core compliance frameworks, including NIST and CIS Benchmarks
• Leverage AI-driven monitoring to minimize Mean Time to Detect (MTTD) anomalous cloud activity
• Act as lead security advisor for the Cloud Architecture team, bridging DevOps agility with rigorous regulatory compliance (SOC 2, FedRAMP)
• Communicate security risks, architecture decisions, and roadmap recommendations clearly to C-suite and executive stakeholders
• Embed automated security testing (SAST/DAST/SCA) directly into CI/CD pipelines as part of a mature DevSecOps practice

Benefits

• Comprehensive health, dental, and vision coverage for employees and eligible dependents
• Generous PTO accrual plus all 11 federally recognized holidays
• Competitive employer match to support your long-term financial goals