Smartcloudsolution
Enterprise Cloud Security Architect (780531)
Smartcloudsolution, Frankfort, Kentucky, United States
Job Description
The CloudSecurity Architect is responsible for the establishment of Cloud SecurityArchitecture program within ODJFS. This resource, working with the IT Governance andRisk Management Office will support the creation of Cloud Security Architecture program that will include:
Responsibilities
·Leading the evaluation, selection, and implementation of Cloud Security detection and monitoring tools (i.e. MicrosoftDefender for Cloud, Defender for Identity)
·These tools will monitor and scan Cloud workloadsand servers to ensure they are securely configured (configuration management)and not vulnerable.
·Work with DAS teams for implementation
·Workloads, container, and orchestration (i.e.Docker /Kubernetes) security
·Leading and Incorporating Cloud Security Architecture into the DevSecOps /DevOps program
·Update any related Policy documents
·Established Standard Operating Procedures aroundand for Cloud Security Architecture
·Reviewing solutions for compliance to CloudSecurity
·Participating on Project Teams to advise on CloudSecurity
·Training Security Team members in related tools and processes (DAS and JFS)
Knowledge transferMandatory Skills:
Mandatory Skills
Cloud Platforms (IaaS, PaaS, SaaS)
Deep understanding of
AWS ,
Azure , and/or
Google Cloud Platform (GCP)
Familiarity with cloud-native services (e.g., IAM, VPC, KMS, Security Groups)
Security Architecture & Design
Designing secure cloud architectures
Applying
Zero Trust
principles
Understanding of
shared responsibility models
Identity and Access Management (IAM)
Role-based access control (RBAC)
Single Sign-On (SSO), MFA, and federated identity
Privileged access management
Network Security
Firewalls, VPNs, segmentation, and secure connectivity
Cloud-native network security tools (e.g., AWS Security Groups, Azure NSGs)
Data Protection
Encryption at rest and in transit
Key management systems (KMS, HSM)
Data classification and loss prevention (DLP)
Compliance & Governance
Familiarity with standards like
NIST , CIS , ISO 27001 , SOC 2 , HIPAA , GDPR
Policy-as-code (e.g., using tools like OPA, Sentinel)
DevSecOps & Automation
Integrating security into CI/CD pipelines
Infrastructure as Code (IaC) security (e.g., Terraform, CloudFormation)
Security scanning tools (e.g., Snyk, Checkov)
Threat Modeling & Risk Assessment
Identifying and mitigating cloud-specific threats
Using frameworks like STRIDE or MITRE ATT&CK for Cloud
Desired Certifications/Skills
Certified Cloud Security Professional (CCSP)
AWS Certified Security – Specialty
Microsoft Certified: Azure Security Engineer Associate
Google Professional Cloud Security Engineer
CISSP (for broader security architecture knowledge)
Notes
In person interviews
Candidates local to Columbus preferred
#J-18808-Ljbffr
Responsibilities
·Leading the evaluation, selection, and implementation of Cloud Security detection and monitoring tools (i.e. MicrosoftDefender for Cloud, Defender for Identity)
·These tools will monitor and scan Cloud workloadsand servers to ensure they are securely configured (configuration management)and not vulnerable.
·Work with DAS teams for implementation
·Workloads, container, and orchestration (i.e.Docker /Kubernetes) security
·Leading and Incorporating Cloud Security Architecture into the DevSecOps /DevOps program
·Update any related Policy documents
·Established Standard Operating Procedures aroundand for Cloud Security Architecture
·Reviewing solutions for compliance to CloudSecurity
·Participating on Project Teams to advise on CloudSecurity
·Training Security Team members in related tools and processes (DAS and JFS)
Knowledge transferMandatory Skills:
Mandatory Skills
Cloud Platforms (IaaS, PaaS, SaaS)
Deep understanding of
AWS ,
Azure , and/or
Google Cloud Platform (GCP)
Familiarity with cloud-native services (e.g., IAM, VPC, KMS, Security Groups)
Security Architecture & Design
Designing secure cloud architectures
Applying
Zero Trust
principles
Understanding of
shared responsibility models
Identity and Access Management (IAM)
Role-based access control (RBAC)
Single Sign-On (SSO), MFA, and federated identity
Privileged access management
Network Security
Firewalls, VPNs, segmentation, and secure connectivity
Cloud-native network security tools (e.g., AWS Security Groups, Azure NSGs)
Data Protection
Encryption at rest and in transit
Key management systems (KMS, HSM)
Data classification and loss prevention (DLP)
Compliance & Governance
Familiarity with standards like
NIST , CIS , ISO 27001 , SOC 2 , HIPAA , GDPR
Policy-as-code (e.g., using tools like OPA, Sentinel)
DevSecOps & Automation
Integrating security into CI/CD pipelines
Infrastructure as Code (IaC) security (e.g., Terraform, CloudFormation)
Security scanning tools (e.g., Snyk, Checkov)
Threat Modeling & Risk Assessment
Identifying and mitigating cloud-specific threats
Using frameworks like STRIDE or MITRE ATT&CK for Cloud
Desired Certifications/Skills
Certified Cloud Security Professional (CCSP)
AWS Certified Security – Specialty
Microsoft Certified: Azure Security Engineer Associate
Google Professional Cloud Security Engineer
CISSP (for broader security architecture knowledge)
Notes
In person interviews
Candidates local to Columbus preferred
#J-18808-Ljbffr