This is a remote position.
We are looking for a highly skilled Cloud & Information Security Architect to lead the review, enhancement, and implementation of cloud security policies and frameworks. This role involves aligning existing cloud security operations with leading global standards, conducting risk and gap assessments, and guiding secure migration strategies for Azure-based environments. The successful candidate will act as a key liaison between technical teams and stakeholders to drive security-focused cloud transformation initiatives.
Key Responsibilities:
- Review and enhance existing cloud security policies and procedures to ensure they are robust and aligned with industry best practices.
- Map and align organizational policies to leading security and compliance standards including:
  - DESC ISR v2
  - ISO/IEC 27017 (Cloud Security)
  - NIST 800-53 (Security and Privacy Controls)
- Conduct comprehensive gap analyses against mapped standards and recommend remediation steps.
- Engage with business and technical stakeholders to assess current risk posture and gather requirements.
- Analyze the existing Azure cloud setup, identify security weaknesses, and propose architectural improvements.
- Develop a Cloud Migration Security Framework that supports scalable and secure transition of services to the cloud.
- Triage applications for cloud readiness and risk based on the developed framework and prioritize migration sequencing.
- Provide expert advice and architectural oversight across cloud initiatives to ensure adherence to security principles.
- Collaborate with DevOps, Infrastructure, and Application teams to embed security into CI/CD and cloud-native designs.
- Ensure ongoing monitoring and reporting mechanisms are in place for compliance tracking and risk visibility.
Requirements:
- Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
- Microsoft Certified: Azure Security Engineer Associate
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- ISO 27001 Lead Implementer or Auditor (a plus)
- 10+ years of experience in cloud security, architecture, or information security roles.
- Proven experience working with Azure cloud environments and security configurations.
- Deep understanding of security controls and compliance requirements in regulated industries.
- Practical knowledge of mapping and implementing DESC ISR v2, ISO 27017, and NIST 800-53 standards.
- Experience conducting risk assessments, gap analyses, and designing secure cloud migration strategies.
Key Skills:
- Cloud Security Architecture (Azure preferred)
- DESC ISR v2, ISO 27017, NIST 800-53 Mapping
- Cloud Governance and Risk Management
- Security Gap Analysis and Remediation Planning
- Azure Security Controls and Services
- Stakeholder Engagement & Communication
- Secure Cloud Migration Frameworks
- Application Risk Triage & Prioritization
- DevSecOps Integration
Desired Skills:
- DESC ISR v2
- ISO 27017
- NIST 800-53 standards
- Azure
Desired Qualification Level:
- Diploma