Cloud Security Architect
Employment type
Permanent Full-Time
Description & Requirements
We are looking for an architect who is excited by cloud and innovation to join our team! The successful candidate will possess advanced administration and troubleshooting skills, along with knowledge to support architecture, engineering, and design principles for cloud computing and networking environments. They will be adept at working with business units and have good listening and communication skills. As a member of our team they will leverage those skills to advise, champion, and implement efficient, secure solutions across a variety of teams and environments. As a security leader, they will consistently assess the threat landscape and adapt quickly to protect the business from risk.
The Staff Architect within the Bain's Cyber Security Department is responsible for leveraging their knowledge and expertise in cloud, application, and infrastructure to collaborate on the development of standards and implementation of solutions that support the pursuit of business objectives. The Staff Architect I will drive the improvement and innovation of work processes, ensuring that established standards and best practices are followed. Additionally, they will provide guidance to colleagues, advice internal customers, offer mentorship to more junior staff members and work with stakeholders throughout the organization to champion security best practices. The Staff Architect I will demonstrate strong communication skills, both internally and externally, maintain high standards of analytical thoroughness and quality of work, take ownership of workstream with minimal oversight and prioritize efforts appropriately.
Communications, Leadership, and Teaming (20%)
• Understand and promote common security principles, practices, and frameworks.
• Draft cybersecurity strategies that align with business objectives and meet compliance and regulations and champion them throughout the organization
• Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact to services and utilize that knowledge to actively secure the organization
• Communicate the state of cloud and network security posture to cybersecurity leaders, stakeholders, IT and developers
• Participate in professional security groups and consortiums for knowledge and building relationships
• Provide guidance to colleagues in realizing their educational and professional objectives and offer mentorship to more junior staff members.
Architecture Subject Matter Expertise (80%)
• Advise on the development of standards, frameworks, and solutions for Cloud Compute & Network security, driving standards, security best practices, and adoption
• Track and automate metrics for usage, costs, risks, and overall compliance.
• Participate in architecture process, reviews, and standards.
• Collaborate with our Platform Infrastructure, Enterprise Architecture, and other teams to support secure design, testing, implementation, and operationalization of
scalable, resilient solutions across on-prem, hybrid, SaaS, PaaS, and IaaS environments and across geographies
• Recommend and implement cloud security tools and controls
• Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM)
Skills & Experience
• Demonstrates a strong ability in applying automation to all aspects of technical operations
• Possesses an established track record of continuous learning and improvement, particularly with emerging technologies and security subject matters
• Exhibits deep analytical, conceptual, and problem-solving skills
• Has the ability to effectively communicate at all levels of the entire organization and with internal and external customers
• Displays strong attention to detail and excels in priority/time management.
• Demonstrates the ability to balance customer needs with seamless security delivery
• Possesses a strong understanding of network design principles and implements zero trust/least privilege architecture.
• Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash)
• Experience applying security principles such as zero trust and tools such as WAF, APIM, micro-segmentation, IaC, CNAPP, and others to deploy effective, resilient, secure solutions
• Ability to influence and collaborate with technical teams and business units and collaborate to reduce attack surface
• Preferably one or more certifications such as GCSA, CCSP, CCSK or CISSP, or one offered by AWS, Google or Microsoft