Cloud Security Architect Role
Job Description:
We are seeking an experienced Cloud Security Architect to join our Engineering chapter team. In this hybrid role, you will be responsible for designing, implementing and securing cloud infrastructure solutions with a strong focus on integrating security throughout the development, deployment, and operations lifecycle.
Main Responsibilities:
* Cloud Architecture Design: Design and implement scalable, secure, and highly available cloud infrastructures that meet business needs and technical requirements, ensuring compliance with security best practices, industry standards, and regulatory requirements.
* Cloud Governance: Implement cloud security governance policies and ensure adherence to cloud security standards. Utilize Azure Defender, Azure Policy, Management Groups, and Azure Blueprints to enforce governance and security controls.
* Identity & Access Management (IAM): Implement and manage secure authentication and authorization policies using Azure Entra ID, Privileged Identity Management (PIM), role-based access control (RBAC), and conditional access to ensure least-privilege access for users, applications, and services.
* Encryption & Data Protection: Ensure that all data stored and transmitted in Azure environments is protected using encryption techniques. Architect solutions that use Azure Key Vault for secure key management and Azure Disk Encryption for data protection.
* Automation & Security Tools: Utilize automation tools (e.g. ArgoCD) and DevSecOps principles to implement security into the CI/CD pipeline, ensuring that security testing, vulnerability scanning, and security checks are integrated into the entire software development lifecycle.
* Security Monitoring & Incident Response: Automate security tasks including vulnerability scanning, compliance checks, threat detection, and security monitoring using tools like Azure Sentinel, Azure Monitor, and Azure Defender. Develop and execute incident response plans for handling security breaches.
* Disaster Recovery & Business Continuity: Design and implement secure disaster recovery strategies, ensuring that data, applications, and services are protected and recoverable in case of incidents.
* Cost Management & Optimization: Monitor cloud usage and costs, recommend optimization strategies, and help implement cost-effective cloud solutions while ensuring security and performance.
* Risk Assessment & Management: Conduct security risk assessments, vulnerability assessments, and penetration testing to identify weaknesses in Azure-based applications and infrastructure. Provide remediation strategies to address identified risks.
Requirements:
* Experience: 5+ years of experience in cloud security, cloud architecture, DevSecOps or related roles, with at least 3+ years of hands-on experience in architecting secure environments on Microsoft Azure.
* Knowledge: Strong understanding of cloud networking, hybrid cloud, and virtual networking concepts (e.g., VPNs, subnets, NSGs, load balancing, hub-spoke).
* Certifications: Microsoft Azure certifications, such as Azure Solutions Architect Expert, Azure Security Engineer Associate, or Microsoft Certified: Azure DevOps Engineer Expert. Security certifications such as CISSP, CCSP, Certified Cloud Security Professional (CCSP), or Certified Information Security Manager (CISM).
* Skills: Proficient in scripting languages (e.g., PowerShell, Azure CLI, Python) to automate security tasks and infrastructure provisioning. Excellent problem-solving and troubleshooting skills in cloud environments. Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders and to collaborate across teams.
Language:
English (C1). Additional languages: French (B1), Dutch (B1).
Ongoing Training & Development:
Opportunities for ongoing training and development, including participation in a duty roll (24*7).