Job Specifications
As the Principal Cloud Security Architect, you'll spearhead the organization's vision for a secure and innovative cloud ecosystem. Collaborating seamlessly with Infrastructure and Development teams, you'll craft and execute cutting-edge cloud strategies that drive transformation, ensure robust security, and optimize platform adoption. Your leadership will be pivotal in shaping resilient, scalable, and future-ready cloud solutions that empower the business and safeguard its digital assets.
Key Responsibilities Include
Defining cloud security architecture patterns and standards based on industry best practices.
Collaborating with domain architects and lead security engineers to design and implement security controls aligned with enterprise frameworks.
Driving cloud security governance across multi-cloud environments, ensuring secure deployment and operation of applications.
Applying deep expertise in cloud security, network architecture, system hardening, and logging to lead technical operations teams in the containment and remediation of security incidents.
Supporting incident response efforts by guiding technical remediation and ensuring lessons learned are incorporated into future architecture.
This role requires a strong combination of strategic vision, technical expertise, and cross-functional leadership to deliver scalable, secure, and compliant cloud solutions across the enterprise.
Key Responsibilities
Cloud Security Strategy & Architecture
Lead the development of cloud security architecture strategy, including technical frameworks, security standards, guidelines, and procedures for both infrastructure and software development.
Design solutions that integrate industry-standard frameworks (e.g., NIST 800-53, ISO 27002, SABSA) into enterprise architecture, aligning security with broader business and IT strategy.
Define and maintain security roadmaps to guide enterprise adoption of secure cloud and emerging technologies.
Act as a senior security advisor to the Information Technology Architecture Committee (ITAC) and Architecture Review Committee, guiding secure technology integration and architectural decisions.
Partner with application, infrastructure, and DevOps teams to implement secure cloud solutions and ensure alignment with enterprise security controls.
Influence and enable IT and business leadership through technical expertise, advocating for secure design principles across all stages of the project lifecycle.
Risk & Threat Management
Lead and manage cloud security assessments, identify architectural and operational risks, and drive remediation plans.
Establish and maintain an enterprise threat management program, including threat modeling, threat hunting, and intelligence integration to support SOC and risk management functions.
Assist Security Operations in incident response activities, guiding investigation, containment, and remediation efforts, and ensure post-incident improvements are implemented.
Secure Development & Data Protection
Build and maintain the Secure Software Development Lifecycle (SSDLC), including secure coding standards, testing infrastructure, and compliance processes.
Oversee the development and execution of a data protection program, including data discovery, flow mapping, and Data Loss Prevention (DLP) capabilities.
Technology Enablement & Vendor Management
Evaluate and lead proof-of-concepts for new security technologies and services; manage vendor engagements related to cloud security and tooling.
Stay current with evolving technologies and threats to guide investment decisions and innovation in security capabilities.
Provide strategic mentorship to domain architects and junior cybersecurity staff, helping grow architectural thinking, technical capabilities, and cross-functional collaboration.
Education
A bachelor's degree in Computer Science, Engineering, or a related technical field is required.
Experience
15+ years of progressive experience in Information Security and Risk Management, including:
Minimum 5 years in Security Architecture, with deep involvement in strategic design and implementation.
Minimum 5 years working in cloud environments (IaaS, PaaS, SaaS), preferably across multiple platforms (AWS, Azure, GCP).
Proven experience managing complex cloud security projects and cross-functional collaboration across enterprise environments.
Strong communication and leadership skills, with the ability to influence and advise executive management, technical peers, and business stakeholders.
Deep understanding of cloud-native security principles and implementation of controls across:
Cloud Architecture & Networking.
Identity & Access Management (IAM).
CI/CD Pipeline Security.
Secrets Management & Data Protection.
Logging, Detection, and Incident Response.
Container Security (e.g., Docker, Kubernetes).
Extensive hands-on experience with enterprise cloud security frameworks and standards, including:
CIS Benchmarks, Cloud Security Alliance (CSA) guidelines.
NIST S
About the Company
OP is one of the fastest-growing technology consulting and solutions companies in the U.S. We offer advisory and managed services, innovative platforms, and staffing solutions to help clients harness the power of technology for maximum impact. With broad and deep industry expertise, we deliver solutions across AI, cybersecurity, enterprise architecture, and beyond.
We don't just consult--we challenge the norms of consulting. Our approach pairs out-of-the-box thinking with a radically lean model for faster, smarter, and more...