Systems Engineering Architect

Systems Engineering Architect

Requirements

• 8-12 years of progressive experience in cloud security architecture and engineering.
• Deep and demonstrable understanding of public cloud platforms (e.g., GCP, AWS,) especially GCP and their native security services.
• Proven experience in designing, implementing, and automating security controls in cloud environments, including IAM, detection and monitoring, CI/CD security, configuration management, container security, and ideally using IaC tools.
• Excellent communication, collaboration, and interpersonal skills, with the ability to effectively communicate complex technical concepts to diverse audiences, including technical and non-technical stakeholders, partners, and leadership.
• Strong analytical and problem-solving skills, with a proactive and strategic approach to identifying and mitigating security risks in cloud environments.
• Experience with conducting security architecture reviews and providing actionable recommendations.
• Familiarity with cloud-native application architectures and security considerations.
• Strong knowledge of security frameworks (e.g., NIST, CIS, ISO 27001), compliance regulations, and security best practices for cloud environments.

Responsibilities

• Drive the architecture of robust and scalable security solutions for public cloud environments, utilizing guardrails, policies, and industry-leading practices.
• Define and maintain comprehensive security baseline requirements, policies, and standards for public cloud platforms (e.g., AWS, Azure, GCP).
• Lead the design, implementation, and automation of security controls in public cloud environments, including IAM (Identity and Access Management), Detection and Monitoring, CI/CD Security, Configuration Management, Container Security, Network Security, and Data Protection.
• Utilize Infrastructure as Code (IaC) tools like Terraform and container orchestration platforms like Kubernetes to automate security configurations and ensure infrastructure is secure by design.
• Collaborate effectively with cross-functional teams, such as Product Engineering and internal Security teams (CSOC, Enterprise Security, Compliance, others), to seamlessly integrate security solutions, tooling, and risk mitigation strategies into the architecture of public cloud environments.
• Continuously assess emerging trends in the cybersecurity landscape, including new threats, vulnerabilities, and technologies, to proactively evolve security policies, practices, and architectural patterns.
• Partner with key stakeholders to develop, communicate, and drive a converged cloud security vision and strategy across all public cloud environments, ensuring security parity and a consistent security posture.
• Conduct periodic security architecture reviews to identify potential vulnerabilities, assess the effectiveness of existing controls, and provide actionable recommendations for improvement.
• Serve as a subject matter expert, providing expert guidance and consultation to partners and stakeholders on secure architecture patterns and best practices for developing and deploying cloud-native applications and services.
• Drive the adoption of secure cloud architecture principles, patterns, and services across the organization, promoting a ‘security by design’ mindset.
• Partner closely with the Security Assessments team to proactively identify, prioritize, and mitigate security risks across public cloud environments, contributing to a continuous risk reduction program.

Preferred Qualifications

• Relevant certifications such as Professional Google Cloud Engineer, Cloud Architect, Cloud Security Engineer, CCSP, CISSP or equivalent.
• Proven hands-on experience with Google Cloud Native Security Services such as Chronicle, Cloud Armor, Cloud Firewall, IDS, Certificate Manager, KMS, Secret Manager, DLP.
• Advanced with scripting and automation languages (e.g., Python, Bash).