InfoSec Architecture, Cloud Specialist
RHI Magnesita
full-time
Posted on:
Location Type: Hybrid
Location: Austria
Visit company websiteExplore more
About the role
- Design and implement secure cloud architectures for IaaS, PaaS, and SaaS environments in Azure and AWS, aligning with zero trust and defense-in-depth models.
- Integrate security into CI/CD pipelines, infrastructure-as-code (IaC), and cloud-native development lifecycles.
- Collaborate with application and infrastructure teams to secure workload deployments, container platforms, and serverless services.
- Define and enforce least-privilege access models, role-based access control (RBAC), and just-in-time (JIT) access in Azure AD and AWS IAM.
- Configure and monitor Conditional Access, Privileged Identity Management (PIM), and federation mechanisms.
- Operate and fine-tune cloud-native security services Define and maintain security alerts, log forwarding, and custom detection rules across both cloud environments.
- Continuously monitor and improve cloud security posture using tools like Microsoft Purview, Azure Policy, AWS Config, and third-party CSPM tools.
- Map and enforce controls aligned to ISO 27001, NIST 800-53, CIS Benchmarks, GDPR, LGPD, and customer-specific requirements.
- Act as the trusted security partner for the CCoE, platform owners, architects, and DevOps teams.
- Conduct training and awareness for developers, cloud administrators, and business units on secure cloud usage.
Requirements
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Cloud Engineering, or a related technical field or equivalent education/experience.
- Solid experience in information security, with at least 3 focused on cloud security across Azure and AWS.
- Azure security stack: Azure AD, Defender, Key Vault, Purview, Azure Policy
- AWS security stack: IAM, GuardDuty, Inspector, Security Hub, KMS, Control Tower
- Hands-on experience with: Terraform, Bicep, ARM templates or other IaC frameworks
- Container and orchestration security (e.g., Kubernetes…)
- Familiarity with multi-cloud environments, hybrid deployments, and secure connectivity models (VPN, ExpressRoute…).
- Certifications (Preferred) Microsoft Certified: Azure Security Engineer Associate AWS Certified Security – Specialty
- Strong analytical mindset and risk-based decision-making approach.
- Clear and confident communicator who can influence architecture decisions across business units.
- Comfortable working in high-velocity DevOps and agile environments with strong documentation and follow-up.
- Fluent in English
Benefits
- Competitive salary
- Flexible working hours
- Professional development budget
- Home office setup allowance
- Global team events
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cloud architectureIaaSPaaSSaaSinfrastructure-as-codecloud-native developmentleast-privilege access modelsrole-based access controlcontainer securityorchestration security
Soft Skills
analytical mindsetrisk-based decision-makingclear communicationinfluencing architecture decisionsdocumentationfollow-up
Certifications
Microsoft Certified: Azure Security Engineer AssociateAWS Certified Security – Specialty