Overview
Skills
Job Details
Location & Work Arrangement
- City, State: Columbus, Ohio
- Work Arrangement: Remote (Primary work location); Hybrid (In-person attendance for meetings is required as needed). Candidates local to Columbus are strongly preferred.
- Contract: This is a Contract position.
- Mode of Interview: In person interviews only.
Key Responsibilities and Technical Focus
The Cloud Security Architect will be responsible for building the foundation of cloud security and ensuring compliance and risk mitigation across all cloud workloads.
1. Architecture & Program Leadership
- Program Creation: Lead the development and establishment of the Cloud Security Architecture program.
- Tool Implementation: Lead the evaluation, selection, and implementation of Cloud Security detection and monitoring tools (e.g., Microsoft Defender for Cloud, Defender for Identity).
- Governance: Establish Standard Operating Procedures (SOPs), update related policy documents, and review solutions for compliance to Cloud Security standards.
- Advisory: Participate on project teams to advise on cloud security best practices and solutions.
2. Cloud Platform Expertise & Security Domains
- Cloud Platforms: Deep understanding of and thought leadership in AWS, Azure, and/or Google Cloud Platform (Google Cloud Platform).
- Cloud-Native Services: Familiarity with cloud-native services (IAM, VPC, KMS, Security Groups).
- DevSecOps Integration: Leading and incorporating Cloud Security Architecture into the DevSecOps / DevOps program.
- Workload Security: Expertise in securing workloads, containers, and orchestration technologies (i.e., Docker / Kubernetes).
3. Mandatory Security Domains
| Security Domain | Key Concepts |
| Security Architecture | Designing secure cloud architectures, applying Zero Trust principles, understanding the shared responsibility model. |
| Identity and Access | Role-based access control (RBAC), Single Sign-On (SSO), MFA, Federated identity, Privileged access management. |
| Data Protection | Encryption (at rest and in transit), Key Management Systems (KMS, HSM), Data classification and DLP. |
| DevSecOps & IaC | Integrating security into CI/CD pipelines, Infrastructure as Code (IaC) security (Terraform, CloudFormation), Security scanning tools (Snyk, Checkov). |
| Threat Modeling | Identifying/mitigating cloud-specific threats, using frameworks like STRIDE or MITRE ATT&CK for Cloud. |
| Compliance & Governance | Familiarity with standards like NIST, CIS, ISO 27001, SOC 2, HIPAA, GDPR, and Policy-as-code (OPA, Sentinel). |
4. Training and Knowledge Transfer
- Train Security Team members (DAS and JFS) in related tools and processes.
- Conduct thorough knowledge transfer to internal staff.
Required Qualifications Summary
| Skill Set Category | Key Technologies/Concepts | Minimum Experience |
| Cloud Security Architecture | Thought leadership in AWS, Azure, and/or Google Cloud Platform with a focus on security design. | 3 Years |
| Compliance & Governance | Familiarity with standards like NIST, CIS, ISO 27001, SOC 2, HIPAA, GDPR. | Required |
| DevSecOps / IaC | Integrating security into CI/CD pipelines, IaC security (Terraform, CloudFormation). | Required |
| Threat Intelligence | Using frameworks like STRIDE or MITRE ATT&CK for Cloud for threat mitigation. | Required |
| Security Tools | Experience evaluating and implementing Cloud Security detection/monitoring tools (e.g., Microsoft Defender for Cloud). | N/A |
| Certifications (Desired) | CCSP, AWS Security Specialty, Azure Security Engineer, Google Cloud Security Engineer, CISSP. | Highly Desired |