Secure Cloud Architectures Specialist

Job Title

Cloud Security Strategist

We are seeking an experienced Cloud Security Strategist to design and implement secure cloud architectures for AWS-hosted services and applications. The ideal candidate will have deep expertise in application security, cloud-native security practices, and AWS services, with the ability to provide architectural guidance, mentor engineering teams, and act as a subject matter expert (SME) in security governance, audits, and compliance.

This role requires a strong balance of hands-on technical ability and the capacity to engage with executive stakeholders, guiding security strategies and embedding secure-by-design principles across the enterprise.

1. ">
2. Design and implement application security architecture for AWS-hosted applications and services.">
3. Ensure secure-by-design initiatives across the SDLC, including threat modeling, risk assessments, and architecture reviews.">
4. Produce and review Architecture Decision Records (ADRs) to maintain robust documentation.">
5. Collaborate with software engineers, DevOps teams, security engineers, and cloud architects to align solutions with security best practices.">
6. Define and promote secure coding standards and security-focused CI/CD pipelines.">
7. Provide guidance on integrated security tools such as MAST, SAST, DAST, SCA, IaC scanning, and secret detection, tailored for cloud environments.">
8. Develop reusable security reference architectures and design patterns for AWS microservices, APIs, containers, and serverless workloads.">
9. Monitor and evaluate emerging AWS security features, providing recommendations for adoption.">
10. Support incident response and forensic investigations related to application-layer attacks.">
11. Guide remediation strategies for vulnerabilities and design flaws.">
12. Serve as a security SME in governance, audits, and compliance initiatives.">
13. Conduct architectural governance reviews, ensuring projects align with technical strategies, platform roadmaps, and enterprise standards.">
14. Drive detailed solution design and partner with stakeholders for implementation.">
15. Explore and pilot innovative security technologies, running PoCs to strengthen organizational security.">
16. Mentor and coach engineering colleagues on secure solution design, providing architectural advice and technical leadership.">
17. Participate in enterprise-wide architecture and engineering discussions, introducing new paradigms and solutions.">
18. Communicate security strategy and direction to senior leadership and executives.">

• ">
• 7+ years of experience in application security, software engineering, or security architecture roles.">
• 3+ years of hands-on AWS experience with services such as IAM, KMS, CloudTrail, VPCs, CodePipeline, Terraform, etc.">
• Deep understanding of AWS Compute, Storage, Networking, Data, and Security services.">
• Strong expertise in SDLC security practices and cloud-native application patterns (microservices, containers, CI/CD).">
• Experience implementing security controls in CI/CD pipelines (Jenkins, GitHub, GitHub Actions, etc).">
• Proficiency in at least one programming language (e.g., Python, Java, Go, Node.js).">
• Familiarity with OWASP Top 10, SANS CWE Top 25, and threat modeling methodologies (e.g., STRIDE).">
• Strong communication skills with the ability to convey technical risks to executive stakeholders.">
• At least one recognized security certification (e.g., GDSA, GCAD, GWAT, GWEB, GPEN, GCPN GXPN).">
• Additional certifications are a plus: SABSA, TOGAF, AWS Certified Solutions Architect.">

Preferred Skills:

• ">
• Hands-on experience with IaC security (Terraform, CloudFormation).">
• Exposure to container security (Docker, Kubernetes, EKS).">
• Knowledge of DevSecOps practices, security automation, and monitoring tools.">
• Familiarity with Splunk, DataDog, or other SIEM solutions for security monitoring.">
• Experience working in regulated industries (finance, healthcare, etc.) with compliance frameworks (e.g., PCI DSS, ISO 27001, SOC2).">

Keyword

ApplicationSecurity