Cloud Security Architect

Why Ryan?

• Global Award-Winning Culture
• Flexible Work Environment
• Generous Paid Time Off
• World-Class Benefits and Compensation
• Rapid Growth Opportunities
• Company Sponsored Two-Way Transportation
• Exponential Career Growth

The Cloud Security Engineer is responsible for owning cloud security operations, posture management, and policy enforcement across the firm's multi-cloud environment. This role works closely with IT, platform engineering teams, and senior security leadership to identify risk early, enforce security controls, and drive measurable improvements to the firm's cloud security posture. A hands-on, self-directed approach and demonstrated experience operating in complex cloud environments is required. The Cloud Security Engineer partners with development and operations teams to integrate security requirements into the build process and serves as the cloud security subject matter expert within the Cyber Threat Operations team.
Duties and Responsibilities aligned with Key Results:

People:

• Own cloud security operations and posture management across the firm's multi-cloud environment.
• Engage directly with cloud platform and development teams as a security partner.
• Operate with a high degree of independence while maintaining clear communication with security leadership.
• May lead security team in management of daily security operation center functions.
• Consult on security requirements and identify system integrations by evaluating and understanding business strategies and requirements.
• Create a positive team member experience.

Client:

• Serve as a cloud security subject matter expert for engineering and platform teams across the firm.
• Integrate security requirements early in the build process - architecture reviews, IaC pipeline checks, and pre-deployment guardrails
• Translate risk into actionable guidance that enables delivery.
• Collaborate with our practice areas, as well as external resources, to ensure all information security-related matters are designed and maintained appropriately.
• Serve as the security expert in application design, cloud, network, mobility, and platform (operating systems) efforts.

Value:

• Own the cloud security posture management platform: configure findings, drive remediation, and maintain accurate exposure reporting.
• Enforce cloud security policies and guardrails across identity, network security, data access, and resource configuration.
• Conduct threat hunting, own detection coverage, and treat every incident as an input to something that gets hardened
• Stay current on cloud-specific adversary techniques and apply them to detection logic and hardening priorities.
• Plan and champion new security technologies, architectures, and products that will support the information security requirements for the firm.

Education/Experience:

• 8+ years of progressive information security experience, with 4-6 years of direct, hands-on cloud security exposure.
• Production experience operating a cloud security posture management or cloud-native application protection platform.
• Hands-on experience across at least two major cloud platforms.
• Cloud platform and security knowledge sufficient to interpret and prioritize CSPM findings without guidance
• Experience with cloud security policy enforcement: guardrails, baseline controls, or policy-as-code in a live environment
• Security operations background: alert triage, event investigation, and incident response
• Experience working alongside engineering or development teams as a security partner
• Clear written communication across technical and non-technical audiences
• Highly self-motivated and directed.

Preferred Experience:

• Experience with Azure, AWS, Google Cloud Platform.
• Kubernetes and container security experience.
• Shift-left experience: IaC pipeline security, pre-deployment misconfiguration checks, or CI/CD-integrated security controls.
• Knowledge of common IT regulatory compliance requirements associated with any of the following HIPAA, HITECH, ISO 27001/2, SOC 1/2, SOX, PCI and security best practices and procedures.

Certificates and Licenses:

• Microsoft AZ-500, AWS Security Specialty, or CCSP preferred.
• CISSP is a plus but not required.

Compliance with Laws:

Job duties are to be conducted in a manner that adheres to privacy laws, as well as follows internal governance related to protecting confidential information and trade secrets, and to securing data and company records.

Supervisory Responsibilities:

This role may manage a team of direct reports.

Work Environment:

• Standard indoor working environment.
• Position requires regular interaction with employees at all levels of the Firm; interface with external vendors, and clients also necessary.
• Occasional long periods of sitting while working at computer.
• Travel requirement: less than 10%.

Equal Opportunity Employer: disability/veteran