Senior Cloud Security Architect

FTE

We are seeking a Senior Cloud Security Architect to define and lead security architecture across multi-cloud platforms (AWS, Microsoft Azure, and Google Cloud Platform) and AI/Generative AI (GenAI) workloads. This role will be responsible for designing secure cloud and AI architectures, establishing governance and guardrails, and partnering with engineering, data, and AI teams to securely enable innovation at scale.

The ideal candidate possesses deep cloud security expertise, strong architectural leadership, and recognized industry certifications, including CISSP, CCSP, and cloud-provider security credentials, with at least 8 years of hands-on experience in cloud security architecture.

Key Responsibilities
Cloud Security Architecture & Strategy
1. Design and maintain secure, scalable, and resilient security architectures across AWS, Azure, and Google Cloud Platform.
2. Define cloud and AI security reference architectures, patterns, and standards covering IaaS, PaaS, containers, serverless, and AI platforms.
3. Lead security architecture reviews for cloud and AI initiatives, ensuring consistency, defense-in-depth, and least-privilege design.
4. Managed AI services (e.g., Amazon Bedrock, Azure OpenAI, Google Cloud Platform Vertex AI), self-hosted and open-source models

Identity, Network, and Data Security
1. Architect IAM strategies for cloud and AI services (human, workload, and service identities).
2. Design network security architectures (segmentation, private endpoints, service perimeters, Zero Trust).
3. Define data protection and key management strategies for cloud and AI workloads, including encryption, KMS/HSM, BYOK/HYOK, and secrets management.

Risk Management, Compliance & AI Governance
1. Ensure cloud and AI architectures align with security and compliance frameworks (NIST, ISO 27001, SOC 2, CIS, GDPR, etc.).
2. Contribute to AI governance programs, including:
1. Responsible AI and ethical AI principles
2. Model risk management and lifecycle controls
3. Compliance with emerging AI regulations and standards (e.g., NIST AI RMF, EU AI Act readiness)
3. Support threat modeling, risk assessments, and control mapping for both cloud and AI systems.

Security Engineering & Automation (DevSecOps / MLOps)
1. Embed security into CI/CD and MLOps pipelines for cloud and AI workloads.
2. Promote infrastructure-as-code and policy-as-code for consistent security enforcement.
3. Define detection and response strategies using cloud-native and AI-aware security tooling, including logging, SIEM integration, and anomaly detection.

Leadership & Collaboration
1. Serve as a senior security authority and trusted advisor for cloud, platform, data, and AI engineering teams.
2. Mentor engineers and architects on cloud and AI security best practices.
3. Evaluate and recommend cloud, AI, and security platforms and third-party solutions.

Required Qualifications

Experience
1. 8+ years of experience in cloud security architecture, security engineering, or related roles.
2. Demonstrated experience securing multi-cloud environments (AWS, Azure, Google Cloud Platform).
3. Hands-on experience designing security controls for AI/ML or GenAI workloads in production environments.

Certifications (Required)
1. CISSP (Certified Information Systems Security Professional)
2. CCSP (Certified Cloud Security Professional)
3. Cloud security certifications, such as:
1. AWS Certified Security Specialty
2. Microsoft Certified: Azure Security Engineer (Associate or Expert)
3. Google Professional Cloud Security Engineer

Technical Skills
1. Deep expertise in:
1. Cloud IAM, networking, logging, and security services
2. Encryption, PKI, KMS/HSM, and secrets management
3. Kubernetes and container security
2. Strong understanding of:
1. AI/ML pipelines, GenAI architectures, and model lifecycle
2. AI-specific threat models and mitigations
3. DevSecOps and secure MLOps practices

Preferred Qualifications
1. Experience securing regulated or high-risk environments (financial services, healthcare, government).
2. Familiarity with Zero Trust and privacy-enhancing technologies.
3. Knowledge of AI governance frameworks (NIST AI RMF, ISO/IEC 23894, EU AI Act).
4. Strong communication skills with the ability to influence both technical and executive stakeholders.