Role Overview
The Cloud Security Architect will lead and elevate our cloud security posture across the BU, with a strong emphasis on Microsoft Azure. The ideal candidate is deeply experienced in cloud security principles, tooling, and governance, while also bringing a solid understanding of cloud architecture and development best practices to ensure secure-by-design cloud solutions. This role is crucial in aligning cloud security strategy with business requirements, guiding secure cloud adoption, and collaborating with product teams, cloud engineers, and external consultants.
Key Responsibilities
- Leads the design, implementation, and governance of Azure cloud security controls, aligned with industry standards (e.g., CIS, NIST, ISO 27001)
- Continuously strengthen Azure security posture using tools such as Defender for Cloud, Sentinel, Azure Policy, RBAC, and PIM
- Develops and maintains cloud security policies, standards, and secure configuration baselines.
- Coordinates the identification, prioritization, and remediation of cloud vulnerabilities and misconfigurations.
- Supports security assessments, threat modeling, and risk analysis for cloud based solutions.
- Provides guidance during cloud security incidents and contribute to incident response processes and root cause analysis.
- Collaborates with cloud architects and development teams to ensure secure-by design patterns and reference architectures.
- Provides architectural security input on Azure services, identity models, network design, and application deployment patterns.
- Supports the creation of reusable secure infrastructure templates (e.g., Pulumi, Terraform) and DevSecOps automation.
- Translates technical security risks into clear business impacts for stakeholders.
- Willingness to grow into taking care of overarching Security Management topics. Support audits, compliance initiatives, and risk assessments. Serve as a key liaison between engineering teams, security consultants, and business stakeholders.
