Cloud Security Architect

Cloud Security Architect

Redmond, WA

Overview

The Cloud Security Architect will be responsible for assessing and enhancing the security posture of client cloud environments, identifying vulnerabilities, and recommending remediation strategies.

This role requires a strong focus on both technical security controls and process governance to ensure resilient, compliant, and secure cloud architectures. The Cloud Security Architect will engage directly with clients, guiding them through security assessments, architecture reviews, and implementation plans.

Key responsibilities

• Assessthesecuritypostureofcustomercloudworkloadsandenvironmentstoidentify vulnerabilities and gaps.
• Recommendanddesignsecurityinterventionsalignedwithbestpracticesandcompliance
• EvaluateandstrengthenconfigurationsforAzuresecurityservices,including Microsoft Defender for Cloud, Sentinel, Key Vault, Azure AD (Entra ID), Privileged Identity Management (PIM), Azure Policy, and governance and observability tools such as Azure Monitor and Log Analytics.
• Leadandfacilitatesecurityarchitectureworkshops,riskassessments,andgovernancereviews with client teams.
• Collaboratewithcross-functionalteamstoensurealignmentbetweensecurity,operations,and business objectives.
• Conductthoroughsecurityriskassessmentsandensuremitigationstrategiesare
• Drivecontinuousimprovementofsecurityprocessesandcontrolsbasedonevolvingthreat landscapes and compliance frameworks.
• Ensure adherence to industry frameworks and regulations such as NIST,ISO/IEC27001,HIPAA, GDPR, and Fed RAMP..

Required Qualifications:

• Minimum5yearsofexperienceincloudsecurityarchitectureandassessment,specifically within Microsoft Azure environments.
• DeepknowledgeofAzuresecurityarchitectureandcloud-nativesecurityresiliency
• Strong experience with security frameworks and methodologies(e.g.,MicrosoftMCRA,Security Adoption Framework, Zero Trust) and industry standard security architecture frameworks
• Proficientinvulnerabilitymanagement,riskassessment,andsecuritycompliance
• Abilitytocommunicatecomplexsecurityconceptsclearlytobothtechnicalandnon-technical
• Verifiableexperienceincommunicatingandpresentingtoexecutiveslikea
• Strong written and verbal communication and documentation
• Hands-onexperiencewithAzuresecurityandgovernanceservices:MicrosoftDefenderfor Cloud, Sentinel, Key Vault, Azure AD (Entra ID), PIM, Azure Policy, Azure Monitor, and Log
• FamiliaritywithMicrosoftSecurityAssessments,suchastheWell-ArchitectedReview Assessment (WARA) and Microsoft Security Assessment Frameworks.
• Experienceworkingdirectlywithclientsincustomer-facingrolestodeliversecurityassessments and solutions.

• Solid understanding of process governance, security incident response planning, and Major Incident Response Plan (MIRP) development.

Preferred qualifications

• Strong consulting experience with direct client engagement and workshop
• FamiliaritywithSOCintegration,securityoperationscenterworkflows,andincidentresponse
• Experience with compliance frameworks such as HIPAA, GDPR, FedRAMP,or
• Expertise with SIEM/SOARtools, automation, and security
• Proventrackrecorddeliveringexecutive-levelsecurityarchitecturereviewsand

Certifications Required:

• Microsoft Certified: Cybersecurity Architect Expert
• ITIL Foundation Certification Preferred:
• Microsoft Certified: Azure Security Engineer Associate
• Certified Information Systems Security Professional(CISSP)
• Microsoft Certified: Security Operations Analyst Associate
• Microsoft Certified: Identity and Access Administrator Associate
• Microsoft Certified: Azure Administrator Associate
• Business Continuity and Disaster Recovery(BC/DR)certificationssuchasCBCP,MBCI,ISO22301, or equivalent industry-recognized certifications