Cloud Security and Governance Architect

We have a 3-year on-site Cloud Security and Governance Architect contract opportunity in Sacramento, California. This contract may be extended for an additional 2 years. Our client may authorize some remote work. The anticipated start date will be in February 2023.

The Cloud Security and Governance Architect will provide advice, design, and implementation regarding Cloud Architecture for both infrastructure and applications in our clients' latest generation AWS platforms, Microsoft Azure, and Google Cloud.

The experienced Cloud Security and Governance Architect shall have detailed knowledge and experience of cloud security supporting an organization with a focus on the Business Intelligence and Data Warehouse cloud platform and implementation.

Minimum Qualifications

• At least 4 years of experience with cloud-based technologies like AWS and knowledge of potential security risks involved in workload transitions from on-premises to cloud.
• At least 5 years of previous client facing, and security advisory experience.
• At least 4 years of experience with enterprise security solution design and implementation skills covering Identity and Access Management (IAM), Infrastructure security (network & endpoint), privacy and data security application security.
• At least 4 years of experience working with multiple AWS accounts and several VPCs in each account and managing the monitoring of security settings at an enterprise level.
• University degree in Computer Science or equivalent experience with security technologies. Our client may request a copy of the degree.

Desirable Qualifications

• Served as the subject matter expert (SME) on Cloud Security.
• Provided specific guidance regarding security requirements and mitigations for securing business use cases with defense in depth.
• Created secure design patterns and libraries for cloud applications in AWS, Azure, GCP in areas such as data protection, key management, authentication, and authorization.
• Acted as a lead advocate on security related subjects having to do with AWS, public cloud, virtualization, container technologies, infrastructure transformation, networking, and/or data center operations.
• IT security (e.g., CISSP) or Cloud Security-related certifications (e.g., vendor neutral (CCSK, Certified Cloud Professional/Architect) or Cloud vendor certification (VMware VCP, AWS Certified Solutions Architect, Google, IBM).
• Clear understanding of Customer Requirements, Security Risk, Threat Analysis, and an understanding of the IT regulatory control structures.
• Understanding of industry regulatory and compliance requirements like FedRAMP, PCI-DSS, NIST, HIPAA.
• CCSP (Certified Cloud Security Professional) and/or security certifications, such as CISSP, CISA, CRISC, CISM, and AWS Certified Security Specialist. Our client may request a copy of the certifications.
• IT security (e.g., CISSP) or Cloud Security-related certifications (e.g., vendor neutral (CCSK, Certified Cloud Professional/Architect) or Cloud vendor certification (VMware VCP, AWS Certified Solutions Architect, Google, IBM). Our client may request a copy of the certifications.
• Experience deploying automated AWS infrastructure using AWS CloudFormation, AWS Python SDK, Control Tower, AWS Config and AWS Organizations (Service Control Policies).