Principal Cloud Security Architect

**Join Amgen’s Mission of Serving Patients**:
At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do.

Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease
- we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives.

Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.

Principal Cloud Security Architect

**What you will do**:
**Responsibilities**:

- Design and implement a comprehensive information security strategy aligned with the organization’s business goals
- Develop and maintain the organization’s security architecture, ensuring that it meets current and future security requirements
- Assess and select security technologies and tools that align with the organization’s security strategy
- Own the information security team, providing guidance, support, and mentoring to ensure the efficiency of security operations
- Perform threat modeling and risk assessments to identify and mitigate potential security risks
- Directly responsible for crafting, implementing and maintaining reusable architectural security design patterns that protect Amgen business systems
- Accountable as the Cloud Security Domain architect to establish domain reference architecture mapping security capabilities, process and technology
- Continuously assesses cloud security risk and threat landscape, identifies security control gaps and develops business technology strategies that materially addresses risk and reinforce departmental investments
- Handles and maintains current architectural plans, engineering blueprints and CDT reference architecture in system of record
- Accountable for leading, supporting, crafting, developing, testing, integrating and deploying security technologies and or capabilities including but not limited to Cloud Security Posture Management, Cloud Workload Protection, Web Application Security, Container scanning, Data Security Posture Management, Cloud Security standard methodologies
- Provides proactive recall and timely response support for cyber events and investigations
- Participates as domain authority in support of corporate cyber and InfoSec audit activities
- Responsible for leading the development and publication of Security Configuration Baseline (SCB) standards related to cloud operations
- Develop or participate in the development of cases and presentations on information security technologies of interest to Amgen
- Serves as a functional collaborator with the Enterprise Architecture team to assess system designs and functionality against existing reusable patterns under the provisions of Amgen City Plan program
- Establish and maintain approved security patterns, methods and reusable elements to expedite solutions attestation and approval throughout SDLC
- Perform security design consulting in support of projects including participation in security architecture reviews as necessary
- Collaborate multi-functionally with analysts, engineers, data scientists to achieve continuous improvement in cloud security, compliance and resilience.
- Domestic and International travel up to 10%.

**What we expect of you**:
We are all different, yet we all use our unique contributions to serve patients.

**Basic Qualifications**:
Master’s degree and 8 to 10 years of Information Systems and/or Computer Science experience OR

Bachelor’s degree and 10 to 14 Information Systems and/or Computer Science experience OR

Diploma and 14 to 18 years of Information Systems and/or Computer Science experience

**Preferred Qualifications**:

- Deep knowledge and understanding of Service Management strategy and operations, cybersecurity frameworks; cloud security processes, technologies, and standard methodologies
- Experience in risk management, incident response, and security governance
- Strong knowledge of security architecture frameworks and principles

**Good-to-Have Skills**:

- Experience with network security, endpoint protection, and incident response
- Proficiency in scripting and automation (e.g., Python, Bash) is a plus

**Professional Certifications (please mention if the certification is preferred or mandatory for the role)**:

- CompTIA Security+ (mandatory)
- CompTIA Network+(mandatory)
- AWS Certified Security-0Specialty (mandatory)
- CISSP (preferred)
- TOGAF (preferred)
- AWS Certified Solutions Developer (preferred)
-