Senior IT Cloud Security Manager

Cloud Security Architect LeadWe are seeking a skilled Cloud Security Architect Lead to oversee the design, implementation and management of our cloud security posture across AWS and Azure environments.The successful candidate will be responsible for ensuring the adoption of Zero Trust principles across all layers of identity, access, data and infrastructure, leading SecOps and SOC operations to protect against cyber threats, ensure compliance and maintain operational resilience.Key Responsibilities:Design and implement secure cloud architectures that align with organizational standards and regulatory requirements.Manage and harden cloud environments using AWS services (EC2, S3, RDS, IAM, VPC, CloudFormation, Route 53, CloudWatch) and Azure services (VMs, Storage, Networking, Azure AD, Synapse).Apply Zero Trust principles across all cloud layers, enforcing segmentation, least privilege and secure access policies.Conduct regular cloud security posture reviews and audits, ensuring adherence to frameworks such as ISO 27001, NIST, CIS and SCA.Microsoft & Identity Security ManagementAdminister and secure Microsoft 365, Exchange, Active Directory and Windows Server OS environments.Ensure effective management of domain services, identity synchronization and group policies.Implement Conditional Access, MFA and Privileged Access Management (PAM) controls to protect user and administrative identities.Integrate and maintain identity federation between cloud and on-prem systems for unified authentication.Infrastructure Operations & BAU SecurityOversee infrastructure BAU operations including backups, patching, monitoring and capacity management.Lead SecOps activities including endpoint patching, vulnerability remediation and system hardening.Manage both Windows and Linux operating systems, ensuring compliance with hardening benchmarks.Collaborate with the NOC team to ensure continuous monitoring, incident response and SLA compliance.Automation, DevSecOps & Infrastructure as Code (IaC)Implement and manage CI/CD pipelines using Azure DevOps (preferred), AWS CodePipeline and GitHub Actions.Apply Infrastructure as Code (IaC) principles using Terraform, CloudFormation, ARM, Bicep and Ansible to automate provisioning and enforce secure configurations.Integrate security scanning (SAST, DAST, dependency checks) into development and deployment pipelines.Deploy and manage container platforms (Amazon EKS, Azure AKS) with secure baseline configurations.Security Operations (SOC) & Incident ManagementOversee SOC operations, ensuring effective monitoring, alert triage and incident response.Utilize SIEM/SOAR tools (Azure Sentinel, Splunk, AWS Security Hub) for centralized visibility and automation.Lead the incident response lifecycle – detection, containment, investigation, remediation and lessons learned.Conduct root cause analysis for major incidents and ensure continuous improvement of detection rules.Risk Management, Compliance & ResilienceConduct vulnerability assessments, penetration testing and compliance reviews across systems and networks.Define risk treatment plans and ensure timely mitigation of identified risks.Maintain documentation for all cloud security controls, policies and configurations.Implement and validate Disaster Recovery (DR) and Business Continuity strategies across AWS and Azure.Required Qualifications & Experience:Bachelor's degree in Computer Science, Information Security or related field (Master's preferred).10+ years of IT and security experience, with at least 5 years in multi-cloud (AWS and Azure) security.Proven track record designing and managing cloud and hybrid security architectures.Experience implementing Zero Trust frameworks and securing cloud infrastructure and endpoints.Hands-on expertise with IAM, EDR, DLP, encryption and vulnerability management tools.Experience managing SOC/SecOps and supporting compliance with ISO 27001, NIST and SCA standards.,