Role Overview
We are looking for a Cloud Security Architect to lead and elevate our cloud security posture across the BU, with a strong emphasis on Microsoft Azure. The ideal candidate is deeply experienced in cloud security principles, tooling, and governance, while also bringing a solid understanding of cloud architecture and development best practices to ensure secure-by-design cloud solutions. This role is crucial in aligning cloud security strategy with business requirements, guiding secure cloud adoption, and collaborating with product teams, cloud engineers, and external consultants.
Key Responsibilities
As a Cloud Security Engineer, you will be responsible for the technical security of applications as well as the definition of the requirements for new security features.
• Lead the design, implementation, and governance of Azure cloud security controls, aligned with industry standards (e.g., CIS, NIST, ISO 27001)
• Continuously strengthen Azure security posture using tools such as Defender for Cloud, Sentinel, Azure Policy, RBAC, and PIM
• Develop and maintain cloud security policies, standards, and secure configuration baselines.
• Coordinate the identification, prioritization, and remediation of cloud vulnerabilities and misconfigurations.
• Support security assessments, threat modeling, and risk analysis for cloudbased solutions.
• Provide guidance during cloud security incidents and contribute to incident response processes and root cause analysis.
• Collaborate with cloud architects and development teams to ensure secure-bydesign patterns and reference architectures.
• Provide architectural security input on Azure services, identity models, network design, and application deployment patterns.
• Support the creation of reusable secure infrastructure templates (e.g., Pulumi, Terraform) and DevSecOps automation.
• Translate technical security risks into clear business impacts for stakeholders.
• Willingness to grow into taking care of overarching Security Management topics. Support audits, compliance initiatives, and risk assessments. Serve as a key liaison between engineering teams, security consultants, and business stakeholders.