Own and evolve the enterprise cloud security architecture across AWS, SaaS platforms, hybrid infrastructure, applications, networking, and operational technologies, ensuring alignment with business strategy and risk tolerance.
Define and implement AWS-native security architectures including identity, encryption, network segmentation, logging, detection, and governance capabilities, to enable secure and scalable cloud adoption.
Support the re-architecture and migration of Azure workloads to AWS, ensuring security-by-design principles are embedded throughout the migration lifecycle.
Design, implement and enforce Zero Trust security models to ensure protection of cloud and hybrid environments.
Integrate AWS with enterprise security platforms such as Zscaler, Splunk, and BeyondTrust to enable centralized visibility, control and response.
Collaborate with DevOps and cloud infrastructure teams to embed security into DevOps pipelines, leveraging automation for vulnerability management, code scanning, configuration validation and continuous compliance.
Support the establishment and oversee cloud identity and access management (IAM) strategies, including federation, least privilege, just in time access, identity governance, and Zero Trust principles.
Integrate with multiple IdPs including Entra ID and SAP IAS.
Establish tailored governance, risk, and compliance (GRC) frameworks for cloud adoption, including policy-as-code and automated compliance monitoring aligned to industry standards and regulatory requirements.
Develop templates, accelerators, and reusable security artifacts that improve delivery speed, consistency, and compliance across cloud initiatives for BBG.
Monitor emerging cloud services, regulatory changes, and threat trends to proactively assess risk and advise leadership on security posture and mitigation strategies.
Lead and develop cloud security architecture and engineering teams, setting technical direction, delivery priorities, and performance expectations.
Provide architectural oversight and subject matter expertise for enterprise and cross-functional initiatives, ensuring security outcomes are consistently achieved.
Own and evolve the cloud security tools, platforms, and services portfolio to maximize effectiveness and return on investment.
Oversee cloud incident response and forensics capabilities, leveraging native cloud telemetry and SIEM integrations to enable rapid detection, investigation, and recovery.
Deliver thought leadership through executive briefings, architecture reviews, and security workshops, influencing stakeholders and driving secure cloud transformation.

Requirements

Bachelor's degree in computer science, information systems, or information technology, or equivalent work experience.
Minimum 12 years of IT Security experience, with 5 years focused on AWS architecture
AWS Solutions Architect – Associate Certification
AWS Security Specialty
CISSP Certification
Deep expertise in AWS-native and third-party security tools
Strong understanding of cloud governance, infrastructure as code (IaC), encryption, networking, and identity management.
Strong experience with Snowflake and S/4HANA
Hands-on scripting and automation (Python, Terraform)
Strong experience with Splunk
Experience with multi-cloud environments (AWS, Azure, M635)
Strong writing and communication skills across technical and executive audiences
Experience with leading and team management
Ability to multi-task, work independently and/or within a team, pay attention to detail and meet deadlines.
Utilize sound judgement, business acumen and problem-solving skills and ability to work in fast-paced, high-volume, team environment.
Ability to work nights, weekends and holidays.

Benefits

This position is eligible to participate in a bonus program.
This position is eligible for health care benefits, life insurance, time off benefits and participation in the Company’s 401(k) plan

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AWS architecturecloud security architectureZero Trust security modelsidentity managementencryptionnetwork segmentationvulnerability managementinfrastructure as code (IaC)scriptingautomation

Soft Skills

strong writing skillscommunication skillsteam managementproblem-solving skillsattention to detailability to multi-taskbusiness acumenleadershipcollaborationinfluencing stakeholders

Certifications

AWS Solutions Architect – AssociateAWS Security SpecialtyCISSP