The purpose of the Cloud Security Architect Lead role is to design secure and reliable cloud solutions to protect the organization's digital assets from internal and external cyber threats. This position involves developing and implementing a comprehensive cloud security strategy, conducting thorough analyses of current infrastructure and applications, and collaborating with stakeholders to align cloud security architecture with business goals. The role also includes creating and maintaining a robust cloud security architecture, performing regular security assessments, ensuring compliance with industry standards, and managing risks associated with cloud-based projects
Cloud Strategy and Planning
Responsibilities and Accountabilities:
• Develop and implement the organization's cloud security strategy.
• Conduct comprehensive analysis of current infrastructure and applications to determine optimal cloud security solutions.
• Collaborate with stakeholders to align cloud security architecture with business goals.
Design and Develop Cloud Security Architecture
Responsibilities and Accountabilities:
• Create and maintain a comprehensive cloud security architecture that ensures the security of cloud-based systems.
• Identify the specific security needs of your organization, including compliance requirements, data sensitivity, and business objectives.
• Develop and validate security controls to protect cloud infrastructure and applications.
• Review Solution designs for cloud-based projects and ensure those align with information security and compliance requirements
• Provide security recommendations for new cloud projects.
• Maintain and update the cloud security decision tool to ensure easy decision making for cloud projects
Security Assessments and Compliance
Responsibilities and Accountabilities:
• Perform regular security assessments to ensure security of the cloud platforms.
• Perform scheduled security assessment for cloud-based solutions
Incident Response
Responsibilities and Accountabilities:
• Work with incident response team to support investigation of cloud related incident
Risk Management
Responsibilities and Accountabilities:
• Conduct risk assessments and develop mitigation strategies.
• Review risk raised for cloud related projects and perform risk evaluation.
• Update the risk tracker and maintain the same.
• Track risks from risk tracker on regular basis
Reporting & Documentation
Responsibilities and Accountabilities:
• Prepare detailed reports on risk assessments, security audits, and compliance activities.
• Track and report the departmental KPI on periodic basis.
• Create and maintain security baselines for Cloud technologies
• Establish clear cloud security decision matrix that govern access control, data protection, incident response, and compliance.
• Adopt industry standards and frameworks such as NIST, ISO/IEC 27001, and the Cloud Security Alliance (CSA) guidelines.
• Provide training and guidance on cloud security best practices to team members.
• Maintain up-to-date knowledge of cloud security trends, threats, and countermeasures.
• Stay up to date on the latest security threats, tools, and trends
• Mentor junior resources on cloud related projects.
• Communicate findings and recommendations to both technical and non-technical stakeholders at various levels of the organization
Third Party Risk Management
Responsibilities and Accountabilities:
• Evaluate third-party vendor security posture and ensure that their practices comply with company standards and regulatory requirements.
• Lead efforts to manage security risks in the supply chain.
Education and Experience -
Bachelor’s degree in computer science, Information Technology, Cyber Security, or equivalent
6 to 7 years of relevant experience.
Pref - Bachelor’s Degree with 7 years’ experience, Diploma, Military or Police Academy graduate with 10 years’ experience, or High School with 12 years’ experience
CISSP, SC-100, CEH, AWS Certified, Multiple Azure Certifications, TOGAG/ COBIT certified
