Job Description: Cloud Security Architect
Job Summary
We're looking for an expert Cloud Security Architect to join our team. In this role, you'll be responsible for assessing and certifying cloud services to ensure they're used securely within the organization. You'll document approved security patterns and embed them into our threat modeling platform. Your work is crucial for making sure our cloud services are consistently evaluated, aligned with security and compliance requirements, and supported by reusable patterns.
Key Responsibilities
-
Cloud Service Assessment: Evaluate cloud services against internal and external security requirements and control frameworks.
-
Certification Support: Identify threats, mitigations, and assurance evidence to support the formal certification of services by producing assessment documentation.
-
Security Pattern Development: Develop clear and consistent security patterns for approved cloud services, ensuring each pattern includes defined threats, mitigations, and implementation guidance.
-
Threat Modeling Integration: Model security patterns in the threat modeling tool, aligning threat and control mappings with the organization s assurance framework.
-
Collaboration and Improvement: Work with architecture, security, and compliance teams to streamline service certification. You'll also review updates from cloud providers and revise patterns as needed.
-
Knowledge Transfer: Provide guidance to other teams on using security patterns effectively.
Required Qualifications
-
A strong understanding of cloud security architectures across AWS, GCP, or Azure.
-
Practical, hands-on experience in threat modeling.
-
Familiarity with application security principles.
-
Familiarity with security control frameworks such as MITRE CAPEC and CWE, NIST 800-53, ISO 27001, or CIS Controls