Cloud Security Architect

Employment type

Permanent Full-Time

Location(s)

Mexico City

Mexico City

Description & Requirements

We are looking for an architect who is excited by cloud and innovation to join our team! The successful candidate will possess advanced administration and troubleshooting skills, along with knowledge to support architecture, engineering, and design principles for cloud computing and networking environments. They will be adept at working with business units and have good listening and communication skills. As a member of our team they will leverage those skills to advise, champion, and implement efficient, secure solutions across a variety of teams and environments. As a security leader, they will consistently assess the threat landscape and adapt quickly to protect the business from risk.

The Staff Architect within the Bain's Cyber Security Department is responsible for leveraging their knowledge and expertise in cloud, application, and infrastructure to collaborate on the development of standards and implementation of solutions that support the pursuit of business objectives. The Staff Architect I will drive the improvement and innovation of work processes, ensuring that established standards and best practices are followed. Additionally, they will provide guidance to colleagues, advice internal customers, offer mentorship to more junior staff members and work with stakeholders throughout the organization to champion security best practices. The Staff Architect I will demonstrate strong communication skills, both internally and externally, maintain high standards of analytical thoroughness and quality of work, take ownership of workstream with minimal oversight and prioritize efforts appropriately.

Communications, Leadership, and Teaming (20%)

    Understand and promote common security principles, practices, and frameworks.

    Draft cybersecurity strategies that align with business objectives and meet compliance and regulations and champion them throughout the organization

    Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact to services and utilize that knowledge to actively secure the organization

    Communicate the state of cloud and network security posture to cybersecurity leaders, stakeholders, IT and developers

    Participate in professional security groups and consortiums for knowledge and building relationships

    Provide guidance to colleagues in realizing their educational and professional objectives and offer mentorship to more junior staff members.

Architecture Subject Matter Expertise (80%)

    Advise on the development of standards, frameworks, and solutions for Cloud Compute & Network security, driving standards, security best practices, and adoption

    Track and automate metrics for usage, costs, risks, and overall compliance.

    Participate in architecture process, reviews, and standards.

    Collaborate with our Platform Infrastructure, Enterprise Architecture, and other teams to support secure design, testing, implementation, and operationalization of 

scalable, resilient solutions across on-prem, hybrid, SaaS, PaaS, and IaaS environments and across geographies

    Recommend and implement cloud security tools and controls

    Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM)

Skills & Experience

    Demonstrates a strong ability in applying automation to all aspects of technical operations

    Possesses an established track record of continuous learning and improvement, particularly with emerging technologies and security subject matters

    Exhibits deep analytical, conceptual, and problem-solving skills

    Has the ability to effectively communicate at all levels of the entire organization and with internal and external customers

    Displays strong attention to detail and excels in priority/time management.

    Demonstrates the ability to balance customer needs with seamless security delivery

    Possesses a strong understanding of network design principles and implements zero trust/least privilege architecture.

    Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash)

    Experience applying security principles such as zero trust and tools such as WAF, APIM, micro-segmentation, IaC, CNAPP, and others to deploy effective, resilient, secure solutions

    Ability to influence and collaborate with technical teams and business units and collaborate to reduce attack surface

    Preferably one or more certifications such as GCSA, CCSP, CCSK or CISSP, or one offered by AWS, Google or Microsoft