
Senior Principal Security Architect – Cloud & Application Security
Saviynt
full-time
Location Type: Hybrid
Location: San Jose • California • United States
Salary
💰 $260,000 - $275,000 per year
About the role
- Define, assess, and evolve the cloud security architecture and strategy across AWS, Azure, and GCP environments.
- Lead and participate in cloud security architecture reviews, threat modeling sessions, and design assessments aligned to industry best practices.
- Act as a subject-matter expert in CNAPP, CWPP, and CSPM technologies and cloud security risk frameworks.
- Identify, analyze, and remediate cloud and application security issues on a day-to-day basis.
- Analyze and remediate CSPM and CWPP findings, including identity risks, network exposure, vulnerabilities, and compliance gaps.
- Work hands-on with development teams to design secure systems and implement fixes for security vulnerabilities.
- Provide expert guidance on OWASP Top 10 vulnerabilities and lead remediation efforts across applications.
- Design and implement secure authentication and authorization solutions.
- Demonstrate deep hands-on expertise with SAML, OAuth 2.0, and related identity protocols, including writing and reviewing production-grade code.
- Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines and deployment workflows.
- Build, review, and improve integrations between CI/CD pipelines, ticketing systems, and SIEM/SOAR platforms.
- Perform technical health checks of cloud environments and DevSecOps pipelines prior to large-scale or production deployments.
- Prioritize security risks based on business impact and attack paths, partnering closely with Product Management to drive remediation focus.
- Create and maintain dashboards, metrics, and executive-level reports for security governance and leadership visibility.
- Participate in internal and third-party audits, supporting evidence collection and remediation activities.
- Lead and participate in security-related discussions with customers, partners, and internal stakeholders.
- Work closely with InfoSec teams to develop communication plans and messaging for security issues and changes.
- Communicate security risks, remediation plans, and architectural decisions clearly to scrum teams and leadership.
Requirements
- 10+ years of experience in security architecture, cloud security, or application security, with demonstrated senior-level impact.
- Strong hands-on development experience with Java, Grails, and Spring Framework.
- Deep expertise in OWASP vulnerabilities and practical remediation techniques.
- Proven hands-on experience implementing SAML, OAuth 2.0, and modern identity and access patterns.
- Strong experience with GitLab, CI/CD pipelines, and secure deployment best practices.
- In-depth knowledge of cloud security platforms (CNAPP, CSPM, CWPP) and cloud-native security controls.
- Ability to influence and collaborate across engineering, product, DevOps, and security teams.
Preferred Qualifications
- Experience supporting regulated environments and participating in internal or third-party audits.
- Must have 5+ years of programming experience in Java, Grails, and SQL.
- Familiarity with SIEM/SOAR integrations and security automation.
- Experience working in Agile/Scrum environments with distributed engineering teams.
- Cloud security certifications (e.g., AWS, Azure, GCP, CCSK, CISSP) are a plus.
Applicant Tracking System Keywords
Hard Skills & Tools
cloud security architecture, threat modeling, CSPM, CWPP, CNAPP, SAML, OAuth 2.0, Java, Grails, Spring Framework
Soft Skills
collaboration, influence, communication, leadership, problem-solving, risk assessment, remediation planning, stakeholder engagement, technical guidance, reporting
Certifications
AWS, Azure, GCP, CCSK, CISSP