Cloud Security Architect

Job Title: Cloud Security Architect
Job Location: Burbank, CA - Hybrid - 3 days/week onsite
Duration: 6 months, with possible extension

Job Description:

The Cloud Security Architect is a technology and process focused thought-leader with an emphasis in public cloud architecture and engineering. As a lead member of the cloud security team, the Cloud Security Architect will help support the infosec functions of policy shaping, architectural reviews, compliance, and assessment while providing direct guidance to product and engineering teams for all public cloud related matters in Azure, Google Cloud Platform and AWS.

Job Responsibilities / Typical Day in the Role:

• Act as a Cloud Security Subject Matter Expert (SME) for client's Infosec department.
• Identify opportunities to reduce cloud security risk for the client, to solution, and to lead implementations.
• Create design artifacts to enable members of the Cloud Security team to implement solutions (built in-house or purchased from vendor).
• Partner with product teams to design secure network and serverless architectures.
• Provide strong IAM Policy guidance for least privileged access to product teams.
• Review cloud architecture and AI/ML workflows to advise development teams on strong security design principles and identification of issues prior to deployment of systems or features.
• Interface with Public Cloud providers to improve the security feature set of their products.
• Interface with cloud security vendors to evaluate features and determine proof-of-value.
• Mentor junior members of the team.
• Create and maintain documentation as it relates to cloud security designs/configurations, processes, standards, and recommendations.
• Collaborate with senior management and department leaders to assess near- and long-term cloud security needs.
• Stay current with the latest cloud threat mitigation tools and techniques.

Technology requirements:

• Experience with securing/building Azure cloud environments
• Proficient in at least one scripting language (python, Nodejs, Golang).
• Core understanding of IP Networking, routing, VPNs.
• Hands-on experience with some the following:
• Security administration in Azure
• Developing & Securing Serverless applications
• Infrastructure as code tools (Terraform, CloudFormation, Ansible)
• Command Line experience (Bash, PowerShell, AWS-CLI)
• Docker and Kubernetes
• Cloud Network (VPC) engineering
• Cloud native security related tools (Azure Defender for Cloud, AWS Guard Duty, Google Cloud Platform Security Center, WAF)
• GitHub Security

Must Have Skills / Requirements:

• Experience Designing and Implementing systems that support multiple users.
• 2+ years of experience; Design, Implementation, and Maintenance of systems used by users.
• The ability to evaluate technical documentation and diagrams for cloud environments and identify security issues in those designs.
• 2+ years of experience; Security Architectural Reviews and ability to create design artifacts including infrastructure diagrams.
• Ability to review technical configuration and identify mitigating controls for security related misconfigurations
• 2+ years; Experience Managing Exception Requests.

Nice to Have Skills / Preferred Requirements:

• AWS Certifications AWS Solutions Architect, AWS Security Specialty.
• Google Cloud Platform Certifications Associate Cloud Engineer, Professional Security Engineer.
• Security Engineer Certifications CISSP, CompTIA Security+.
• Previous Experience with Wiz, Splunk, Brinqa, integrations with Slack and Jira.