Senior Cloud Security Lead

Job Overview:Senior Cloud Security ArchitectThis role is responsible for designing and implementing a comprehensive cloud security strategy that protects our organization's digital assets across multiple cloud platforms.The ideal candidate will have extensive experience in cloud security, with a strong background in architecture, governance, and compliance. They must be able to analyze complex security threats and develop effective mitigation strategies to ensure the confidentiality, integrity, and availability of our data.Key Responsibilities:Cloud Security Architecture & Governance:Design and implement secure cloud architectures that align with organizational standards and regulatory requirements.Manage and harden cloud environments using AWS services (EC2, S3, RDS, IAM, VPC, CloudFormation, Route 53, CloudWatch) and Azure services (VMs, Storage, Networking, Azure AD, Synapse).Apply Zero Trust principles across all cloud layers, enforcing segmentation, least privilege, and secure access policies.Microsoft & Identity Security Management:Administer and secure Microsoft 365, Exchange, Active Directory, and Windows Server OS environments.Ensure effective management of domain services, identity synchronization, and group policies.Implement Conditional Access, MFA, and Privileged Access Management (PAM) controls to protect user and administrative identities.Infrastructure Operations & BAU Security:Oversee infrastructure BAU operations including backups, patching, monitoring, and capacity management.Lead SecOps activities including endpoint patching, vulnerability remediation, and system hardening.Manage both Windows and Linux operating systems, ensuring compliance with hardening benchmarks.Automation, DevSecOps & Infrastructure as Code (IaC):Implement and manage CI/CD pipelines using Azure DevOps (preferred), AWS CodePipeline, and GitHub Actions.Apply Infrastructure as Code (IaC) principles using Terraform, CloudFormation, ARM, Bicep, and Ansible to automate provisioning and enforce secure configurations.Integrate security scanning (SAST, DAST, dependency checks) into development and deployment pipelines.Security Operations (SOC) & Incident Management:Oversee SOC operations, ensuring effective monitoring, alert triage, and incident response.Utilize SIEM/SOAR tools (Azure Sentinel, Splunk, AWS Security Hub) for centralized visibility and automation.Lead the incident response lifecycle—detection, containment, investigation, remediation, and lessons learned.Risk Management, Compliance & Resilience:Conduct vulnerability assessments, penetration testing, and compliance reviews across systems and networks.Define risk treatment plans and ensure timely mitigation of identified risks.Implement and validate Disaster Recovery (DR) and Business Continuity strategies across AWS and Azure.Requirements:10+ years of IT and security experience, with at least 5 years in multi-cloud (AWS and Azure) security.Proven track record designing and managing cloud and hybrid security architectures.Experience implementing Zero Trust frameworks and securing cloud infrastructure and endpoints.Hands-on expertise with IAM, EDR, DLP, encryption, and vulnerability management tools.Certifications: CISSP or CCSP (required)Skills & Competencies:Cloud security architecture (AWS & Azure)Identity and access management (IAM, PAM, MFA, Conditional Access)Infrastructure as Code (Terraform, CloudFormation, ARM, Bicep, Ansible)SOC and SecOps operations managementEndpoint and vulnerability management (EDR, patching, DLP)DevSecOps and CI/CD integration (Azure DevOps preferred)Networking, firewalls, VPN, and hybrid connectivity security