The Opportunity: Architect the Migration

We are looking for a pragmatic, builder-focused Cloud Security Architect who wants to do more than just monitor a steady state. You will be the tactical and strategic engine behind our major migration into AWS, defining the security patterns that will dictate how our applications live, breathe, and scale in the cloud. If you are ready to leave behind repetitive operational tickets to focus on design validation, threat modeling, and high-level architectural strategy, this is your next career step.

The Mission

Your core mission is to solve the complexity of secure cloud migration. We are moving critical applications to AWS, and we need an Architect to assess migration approaches, define the "golden paths" for data security, and validate designs before code hits production. You will bridge the gap between technical infrastructure, application owners, and business stakeholders, ensuring that security is an enabler of user experience, not a blocker.

Key Responsibilities

• Define Cloud Security Patterns: Create and document reusable security patterns and guardrails for AWS migration, ensuring teams have a secure blueprint to build against.
• Architecture Design & Validation: Conduct deep-dive design reviews and service validations for applications moving to the cloud. You will be the final gate of approval for security architecture.
• Migration Strategy Assessment: Evaluate various migration strategies (Rehost, Replatform, Refactor) to identify risks and implement compensating controls specific to data security.
• Threat Modeling: Lead threat modeling sessions with engineering teams to identify vulnerabilities in the design phase (shifting security left).
• Business & Stakeholder Alignment: Translate complex security risks into business language. You will meet with application owners and business sponsors to discuss priorities, user experience, and risk appetite.
• Data Security Governance: Establish strict requirements and guidelines for data protection, encryption, and classification within the AWS environment.

Must-Have Technical Skills

• Experience: 5-7+ years in Cybersecurity with a dedicated focus on Security Architecture or Cloud Engineering.
• AWS Mastery: Deep, hands-on understanding of the AWS ecosystem (IAM, VPC, Security Groups, GuardDuty, KMS, etc.) and how to secure it.
• Migration Experience: Proven track record of supporting cloud migration projects (on-prem to cloud or hybrid).
• Architectural Competence: Experience conducting design reviews, architectural assessments, and validating service configurations.
• Communication: Exceptional soft skills. You must be able to hold your own in a room with non-technical business leaders and explain why a security control matters to their bottom line.

"Nice to Haves" (Differentiators)

• Regional Location: Residence in the Philadelphia or NY Metro area is a massive plus.
• Certifications: CISSP, CCSP, or AWS Certified Security – Specialty.
• Framework Knowledge: Familiarity with NIST, ISO 27001, or SOC2 controls as they apply to cloud infrastructure.
• DevSecOps Exposure: Experience with Infrastructure as Code (Terraform/CloudFormation) and CI/CD pipeline security.

The Tech Stack

• Cloud Platform: AWS (Primary focus).
• Identity & Access: Okta, AWS IAM, SailPoint.
• Infrastructure: Terraform, Kubernetes/Containers.
• Security Tools: Palo Alto, Splunk (or similar SIEM), vulnerability scanning tools.
• Documentation: Visio, LucidChart, Confluence.