Cloud Security Architect

Appxpertise Inc Tampa, FL

Job Description:

· Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients.

· Identify and document information security risks and propose mitigating controls.

· Will be responsible for understanding complex business IT needs, requirements and projects scopes, with a focus on information security requirements.

· Research, design, and develop new information security controls for clients.

· Assess current IT environments and make recommendations to increase security.

· Assist clients in troubleshooting and resolving information security issues.

· Author project and support documentation and diagrams.

· Implement security solutions.

Previous Experience:

· Assessed, developed and implemented, operationalized and documented comprehensive security technologies and processes.

· Secure software development, data protection, cryptography, key management, identity and access management (IAM), network security (VPNs) within SaaS, IaaS PaaS, and other cloud environments.

· Architected solutions within Amazon Web Services (AWS) and other cloud providers and SOA for cloud-based services.

· Worked with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.

· Performed security design/ architecture reviews, code reviews, and penetration tests of large applications, systems and / or networks.

· Worked on large scale cloud based services ( including SaaS, PaaS, IaaS) and understand security challenges involve in deploying Cloud Applications.

· Created and maintained security policies and procedures, managing the protection of information systems and assets.

· Performed threat modeling and design reviews assessing security implications and requirements introducing new technologies.

· Hand-on experience with multiple security technologies such as Firewalls, Intrusion detection/Prevention Systems, Vulnerability scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions.

· Solid understanding of a range of compliance, regulatory and legal requirements and relevant principles, best practices and standards across multiple industries. Preferred industries: financial services, telecommunications. Examples would include: PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPPA and TCG.

· Have working knowledge of common and industry standard cloud –native/ cloud friendly authentication mechanisms (OAuth, OpenID, SAML, Ping, Okta, etc) and key management(Safenet, Vormetric, other)

· Cloud security and/ or architecture related certifications- AWS Certified Solutions Architect or Certified DevOps Engineer.

Similar jobs you might like