Cloud Security Architect | Job in County Durham

*Summary *

As a seasoned Cloud Security Architect, you will be responsible for leading and implementing the security strategy for our organization's cloud infrastructure in the North East region. This role requires a deep understanding of cloud computing technologies, security best practices, and risk management strategies.

Key Responsibilities:

• Design, develop, and implement secure cloud architectures that align with industry standards and meet business requirements.
• Conduct regular security audits and risk assessments to identify vulnerabilities and ensure compliance with relevant regulations.
• Collaborate with cross-functional teams to define and deploy security controls across our cloud infrastructure.
• Develop, document, and enforce security policies, procedures, and guidelines for the organization's cloud environment.
• Stay abreast of the latest threats, vulnerabilities, and security best practices in the cloud computing landscape.
• Provide technical guidance to other teams on secure software development practices, including code reviews and security testing.
• Act as a point of contact for incident response activities related to cloud security incidents.
• Participate in vendor selection processes for cloud services, ensuring that chosen providers meet our organization's security standards.
• Collaborate with IT management to develop the budget and resource plans for cloud security initiatives.
• Provide training and support to team members on cloud security topics.

Requirements:

• Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience.
• Proven experience as a Cloud Security Architect or similar role within the last 5 years.
• In-depth knowledge of cloud computing technologies (e.g., AWS, Azure, Google Cloud) and security best practices.
• Strong understanding of security standards and regulations such as PCI DSS, HIPAA, and GDPR.
• Excellent analytical and problem-solving skills, with the ability to design secure architectures that balance security with usability and cost efficiency.
• Strong communication and leadership skills, with the ability to effectively collaborate with cross-functional teams and stakeholders.
• Familiarity with DevSecOps practices, including continuous integration/continuous delivery (CI/CD) pipelines.
• Certifications such as AWS Certified Solutions Architect - Professional, Azure Solutions Architect Expert, or Google Certified Professional Cloud Architect are preferred but not required.

By joining our team as a Cloud Security Architect, you will have the opportunity to work with cutting-edge technologies, contribute to our organization's digital transformation journey, and help ensure the security of our cloud infrastructure. If you are passionate about cloud security and eager to take on a challenging role in a dynamic environment, we encourage you to apply for this exciting opportunity.

Qualifications and Skills

As a seasoned Cloud Security Architect, I offer extensive experience in designing, implementing, and maintaining secure cloud solutions for dynamic organizations in the North East region. My qualifications and skills are as follows:

• AWS Certified Solutions Architect - Professional (SAP-C01)

• AWS Certified DevOps Engineer - Professional (DOP-C01)

• AWS Certified Security - Specialty (SCS-C01)

• Certified Information Systems Security Professional (CISSP)

• Certified Cloud Security Professional (CCSP)

• Expertise in designing, deploying, and managing secure cloud architectures on platforms like AWS, Azure, and Google Cloud.

• Strong understanding of cloud security best practices, standards (e.g., PCI DSS, HIPAA), and compliance regulations.

• Proficiency in Identity and Access Management (IAM), network security, encryption, and key management solutions.

• Experience with cloud-native technologies, such as Kubernetes, Docker, and Serverless architectures.

• In-depth knowledge of infrastructure as code tools (Terraform, CloudFormation) for automating and managing cloud resources.

• Excellent problem-solving abilities to identify, analyze, and resolve complex security issues in a timely manner.

• Strong communication skills, with the ability to collaborate effectively with cross-functional teams and executive leadership.

• Experience mentoring and leading junior team members, fostering a culture of security within the organization.

• Proactive approach to threat intelligence gathering, vulnerability assessment, and incident response.

• Strong understanding of DevOps practices and Agile methodologies to support secure software development lifecycle (SDLC).

Candidate Expectations

In this role as a Cloud Security Architect, you will be expected to design, implement, and manage secure cloud solutions for our organization in the North East region. You will play a critical role in ensuring the confidentiality, integrity, and availability of our data and systems in the cloud environment.

• Design, develop, and implement secure cloud architectures that align with organizational requirements.

• Collaborate with cross-functional teams to ensure cloud solutions are secure, scalable, and cost-effective.

• Manage and maintain the security posture of our cloud environment, including firewalls, VPNs, and access controls.

• Conduct regular risk assessments and implement measures to mitigate identified risks.

• Stay abreast of emerging cloud security threats and trends, and integrate best practices into our cloud security strategy.

• Serve as a subject matter expert in cloud security, providing guidance and support to other team members.

• Collaborate with IT and business stakeholders to define security requirements for new cloud initiatives.

• Participate in incident response activities when necessary, contributing to the resolution of security incidents.

• Document and communicate cloud security policies, procedures, and best practices to relevant stakeholders.

• Contribute to the continuous improvement of our cloud security program by identifying areas for optimization and implementing improvements.

• Bachelor's degree in Computer Science, Information Technology, or a related field. A master's degree or relevant certifications (e.g., AWS Certified Solutions Architect - Professional, CISSP, etc.) is a plus.

• Minimum of 5 years of experience in cloud security architecture, ideally within the North East region.

• Proven experience with designing and implementing secure cloud solutions on platforms like AWS, Azure, or Google Cloud.

• Strong understanding of cloud security best practices, including data encryption, access controls, identity and access management (IAM), and network security.

• Experience with incident response, risk assessment, and vulnerability management in a cloud environment.

• Excellent communication skills, with the ability to explain complex technical concepts to non-technical stakeholders.

• Strong problem-solving abilities and a proactive approach to identifying and addressing security issues.

• Ability to work independently and collaboratively in a fast-paced, dynamic environment.

• Strong organizational skills, with the ability to manage multiple projects simultaneously.

• Willingness to stay current with emerging cloud security trends and technologies.

• Experience working in regulated industries such as finance or healthcare, where data privacy and security are of utmost importance.

• Knowledge of DevOps principles and practices, and experience collaborating with DevOps teams.

• Familiarity with containerization technologies like Docker and Kubernetes.

• Experience with cloud cost optimization tools and strategies.

• Experience with Agile/Scrum methodologies and their application in a cloud security context.

Daily Responsibilities

As a Cloud Security Architect, you will be responsible for designing, implementing, and managing secure cloud solutions to support the organization's digital transformation. Here are some of your key daily responsibilities:

• *Cloud Security Strategy Development:

• Develop and maintain the organization's cloud security strategy aligned with industry best practices, regulatory requirements, and business objectives.

• *Security Architecture Design:

• Design secure, scalable, and cost-effective cloud architectures using AWS, Azure, or Google Cloud Platform. Ensure the designs adhere to the principles of least privilege, defense in depth, and zero trust.

• *Cloud Security Implementation:

• Implement and manage cloud security solutions such as Identity & Access Management (IAM), Virtual Private Clouds (VPC), network segmentation, encryption, multi-factor authentication, and web application firewalls.

• *Security Operations:

• Monitor the organization's cloud environments for security incidents and vulnerabilities. Respond to security alerts, investigate incidents, and take appropriate action to mitigate risks.

• *Compliance Management:

• Ensure compliance with relevant regulations such as GDPR, HIPAA, or PCI-DSS. Develop and maintain policies, procedures, and standards for cloud security and privacy.

• *Risk Assessment and Mitigation:

• Perform regular risk assessments to identify potential security threats and vulnerabilities. Develop and implement plans to mitigate identified risks.

• *Security Training and Awareness:

• Provide training and awareness sessions to employees on cloud security best practices, policies, and procedures. Foster a culture of security within the organization.

• *Collaboration with Stakeholders:

• Work closely with various stakeholders including IT, development teams, and business units to ensure secure implementation of cloud solutions. Provide guidance on secure coding practices and application security.

• *Vendor Management:

• Evaluate and select appropriate cloud security vendors and services. Manage vendor relationships and ensure adherence to contractual obligations.

• *Continuous Improvement:

• Stay abreast of the latest trends and developments in cloud security. Implement continuous improvement strategies to enhance the organization's cloud security posture.