Senior Principal Cloud Security Architect

About The Position

Requirements

• Requires 10+ years of experience with a bachelor’s degree or 8+ years of experience with an advanced degree or 12+ years of experience with a high school diploma or equivalent.

Nice To Haves

• 10+ years of experience in cloud security, cloud architecture, or cybersecurity engineering roles.
• Deep expertise in AWS security architecture, with working knowledge of Azure and/or GCP security models.
• Strong understanding of identity and access management, network security, encryption, and cloud-native security services.
• Experience designing and implementing security controls in infrastructure-as-code and policy-as-code frameworks.
• Proven ability to define and enforce security standards across large-scale, multi-account or multi-project environments.
• Experience operating in regulated or audit-heavy environments.
• Experience with cloud security posture management (CSPM) platforms and automated control enforcement.
• Familiarity with enterprise identity systems (e.g., federated identity, SSO, IGA platforms).
• Experience supporting multi-cloud or hybrid cloud environments.
• Knowledge of compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) and their application in cloud environments.
• Relevant certifications such as AWS Security Specialty, Certified Cloud Security Professional (CCSP), or equivalent.

Responsibilities

• Security Architecture & Standards Define and own cloud security architecture and standards across AWS, with aligned patterns for Azure and GCP.
• Establish secure-by-default reference architectures covering identity, network segmentation, encryption, logging, and workload isolation.
• Develop and maintain security guardrails, patterns, and blueprints that are implemented through platform services.
• Governance, Controls & Enforcement Define security control frameworks and ensure alignment with regulatory, audit, and enterprise risk requirements.
• Partner with Platform Engineering to implement controls as policy-as-code, guardrails, and automated enforcement mechanisms.
• Establish and govern exception processes, including risk acceptance, time-bound approvals, and remediation tracking.
• Identity & Access Architecture Define identity and access management (IAM) standards including role design, least privilege access, federation, and service-to-service authentication.
• Ensure consistent identity patterns across AWS, Azure, and GCP aligned to enterprise identity providers and zero trust principles.
• Partner with Identity and Security teams to integrate cloud platforms into enterprise IAM and IGA systems.
• Network & Data Security Architecture Define network segmentation, traffic inspection, and secure connectivity patterns within and across cloud environments.
• Establish standards for data protection, including encryption, key management, data classification, and data residency controls.
• Ensure consistent implementation of security controls for ingress, egress, and east-west traffic.
• Observability, Detection & Response Enablement Define requirements for logging, monitoring, and detection across cloud platforms, ensuring auditability and security visibility.
• Partner with Security Operations and Cloud Operations to ensure detection capabilities are actionable and aligned with incident response processes.
• Ensure security telemetry is consistently captured and integrated into enterprise monitoring and SIEM platforms.
• Platform & Product Enablement Work with Platform Engineering to translate security standards into reusable platform capabilities and default configurations.
• Ensure security controls are embedded into account provisioning, infrastructure templates, and CI/CD pipelines.
• Enable product teams to inherit security controls through platform consumption rather than custom implementation.
• Risk, Audit & Compliance Support audits, regulatory reviews, and control assessments by providing clear documentation and evidence of control design and enforcement.
• Reduce risk through preventive controls and automated enforcement rather than reactive remediation.
• Partner with Cybersecurity and Risk teams to align cloud security posture with enterprise standard

Benefits

• MiniMed offers a competitive salary and flexible benefits package
• We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every stage of your career and life.
• This position is eligible for a short-term incentive called the Short Term Incentive (STI).
• Regular employees working 20 or more hours per week are eligible for a robust benefits package, including health, dental, and vision insurance, as well as access to a Health Savings Account, Healthcare Flexible Spending Account, life insurance, long-term disability leave, and a dependent daycare spending account.
• In addition, all regular employees enjoy incentive plans, a 401(k) plan with company match, short-term disability coverage, paid time off and holidays, participation in our Employee Stock Purchase Plan, and access to our Employee Assistance Program.
• Eligible employees may also benefit from our Non-qualified Retirement Plan Supplement and Capital Accumulation Plan, subject to IRS minimum earnings requirements.