Job description
As the Principal Cloud Security Architect, you’ll spearhead the organization’s vision for a secure and innovative cloud ecosystem. Collaborating seamlessly with Infrastructure and Development teams, you’ll craft and execute cutting-edge cloud strategies that drive transformation, ensure robust security, and optimize platform adoption. Your leadership will be pivotal in shaping resilient, scalable, and future-ready cloud solutions that empower the business and safeguard its digital assets.
Key Responsibilities Include
• Defining cloud security architecture patterns and standards based on industry best practices.
• Collaborating with domain architects and lead security engineers to design and implement security controls aligned with enterprise frameworks.
• Driving cloud security governance across multi-cloud environments, ensuring secure deployment and operation of applications.
• Applying deep expertise in cloud security, network architecture, system hardening, and logging to lead technical operations teams in the containment and remediation of security incidents.
• Supporting incident response efforts by guiding technical remediation and ensuring lessons learned are incorporated into future architecture.
• This role requires a strong combination of strategic vision, technical expertise, and cross-functional leadership to deliver scalable, secure, and compliant cloud solutions across the enterprise.
Key Responsibilities
• Cloud Security Strategy & Architecture
• Lead the development of cloud security architecture strategy, including technical frameworks, security standards, guidelines, and procedures for both infrastructure and software development.
• Design solutions that integrate industry-standard frameworks (e.g., NIST 800-53, ISO 27002, SABSA) into enterprise architecture, aligning security with broader business and IT strategy.
• Define and maintain security roadmaps to guide enterprise adoption of secure cloud and emerging technologies.
• Act as a senior security advisor to the Information Technology Architecture Committee (ITAC) and Architecture Review Committee, guiding secure technology integration and architectural decisions.
• Partner with application, infrastructure, and DevOps teams to implement secure cloud solutions and ensure alignment with enterprise security controls.
• Influence and enable IT and business leadership through technical expertise, advocating for secure design principles across all stages of the project lifecycle.
• Risk & Threat Management
• Lead and manage cloud security assessments, identify architectural and operational risks, and drive remediation plans.
• Establish and maintain an enterprise threat management program, including threat modeling, threat hunting, and intelligence integration to support SOC and risk management functions.
• Assist Security Operations in incident response activities, guiding investigation, containment, and remediation efforts, and ensure post-incident improvements are implemented.
• Secure Development & Data Protection.
• Build and maintain the Secure Software Development Lifecycle (SSDLC), including secure coding standards, testing infrastructure, and compliance processes.
• Oversee the development and execution of a data protection program, including data discovery, flow mapping, and Data Loss Prevention (DLP) capabilities.
• Technology Enablement & Vendor Management
• Evaluate and lead proof-of-concepts for new security technologies and services; manage vendor engagements related to cloud security and tooling.
• Stay current with evolving technologies and threats to guide investment decisions and innovation in security capabilities.
• Provide strategic mentorship to domain architects and junior cybersecurity staff, helping grow architectural thinking, technical capabilities, and cross-functional collaboration.
Education
• A bachelor’s degree in Computer Science, Engineering, or a related technical field is required.
Experience
• 15+ years of progressive experience in Information Security and Risk Management, including:
• Minimum 5 years in Security Architecture, with deep involvement in strategic design and implementation.
• Minimum 5 years working in cloud environments (IaaS, PaaS, SaaS), preferably across multiple platforms (AWS, Azure, GCP).
• Proven experience managing complex cloud security projects and cross-functional collaboration across enterprise environments.
• Strong communication and leadership skills, with the ability to influence and advise executive management, technical peers, and business stakeholders.
• Deep understanding of cloud-native security principles and implementation of controls across:
• Cloud Architecture & Networking.
• Identity & Access Management (IAM).
• CI/CD Pipeline Security.
• Secrets Management & Data Protection.
• Logging, Detection, and Incident Response.
• Container Security (e.g., Docker, Kubernetes).
• Extensive hands-on experience with enterprise cloud security frameworks and standards, including:
• CIS Benchmarks, Cloud Security Alliance (CSA) guidelines.
• NIST SP standards (800-144, 800-145, 800-291, 800-322).
• Demonstrated success in:
• Leading and designing complex security programs and solutions (e.g., SOC, DLP, SSDLC, IAM).
• Architecting and deploying Zero Trust security models and strategies.
• Advising on compliance frameworks such as PCI-DSS, HIPAA, GDPR, PHI, and PII.
• Experience with technologies including SD-WAN, IoT, Wireless Networking, and AI, and understanding their impact on cyber risk.
• Strong background in risk assessment, gap analysis, and cybersecurity program development.
• Direct, hands-on experience with incident response and digital forensics, including:
• Malware detection and analysis.
• Memory analysis.
• Disk forensics.
• Experience working on or closely with Security Engineering, SOC, or Forensics teams.
• Proficiency in scripting languages and automation tools used in security operations.
• Strong understanding of APIs and integration methods for cloud and security toolsets.
Certifications (preferred, But Not Required)
• CISSP, CISM, GIAC, CEH, GCIH, GCFE, GXPN, CISSP-ISSAP, SABSA, or equivalent credentials.
Benefits
• 401(k).
• Dental Insurance.
• Health insurance.
• Vision insurance.
• We are an equal-opportunity employer and value diversity, equality, inclusion, and respect for people.
• The salary will be determined based on several factors, including, but not limited to, location, relevant education, qualifications, experience, technical skills, and business needs.
Additional Responsibilities
• Participate in OP monthly team meetings and participate in team-building efforts.
• Contribute to OP technical discussions, peer reviews, etc.
• Contribute content and collaborate via the OP-Wiki/Knowledge Base.
• Provide status reports to OP Account Management as requested.
About Us
OP is a technology consulting and solutions company, offering advisory and managed services, innovative platforms, and staffing solutions across a wide range of fields — including AI, cybersecurity, enterprise architecture, and beyond. Our most valuable asset is our people: dynamic, creative thinkers who are passionate about doing quality work. As a member of the OP team, you will have access to industry-leading consulting practices, strategies & and technologies, innovative training & education. An ideal OP team member is a technology leader with a proven track record of technical excellence and a strong focus on process and methodology.
Requirements
• A bachelor’s degree in Computer Science, Engineering, or a related technical field is required
• 15+ years of progressive experience in Information Security and Risk Management, including:
• Minimum 5 years in Security Architecture, with deep involvement in strategic design and implementation
• Minimum 5 years working in cloud environments (IaaS, PaaS, SaaS), preferably across multiple platforms (AWS, Azure, GCP)
• Proven experience managing complex cloud security projects and cross-functional collaboration across enterprise environments
• Strong communication and leadership skills, with the ability to influence and advise executive management, technical peers, and business stakeholders
• Deep understanding of cloud-native security principles and implementation of controls across:
• Cloud Architecture & Networking
• Identity & Access Management (IAM)
• CI/CD Pipeline Security
• Secrets Management & Data Protection
• Logging, Detection, and Incident Response
• Container Security (e.g., Docker, Kubernetes)
• Extensive hands-on experience with enterprise cloud security frameworks and standards, including:
• CIS Benchmarks, Cloud Security Alliance (CSA) guidelines
• NIST SP standards (800-144, 800-145, 800-291, 800-322)
• Demonstrated success in:
• Leading and designing complex security programs and solutions (e.g., SOC, DLP, SSDLC, IAM)
• Architecting and deploying Zero Trust security models and strategies
• Advising on compliance frameworks such as PCI-DSS, HIPAA, GDPR, PHI, and PII
• Experience with technologies including SD-WAN, IoT, Wireless Networking, and AI, and understanding their impact on cyber risk
• Strong background in risk assessment, gap analysis, and cybersecurity program development
• Direct, hands-on experience with incident response and digital forensics, including:
• Malware detection and analysis
• Memory analysis
• Disk forensics
• Experience working on or closely with Security Engineering, SOC, or Forensics teams
• Proficiency in scripting languages and automation tools used in security operations
• Strong understanding of APIs and integration methods for cloud and security toolsets
• An ideal OP team member is a technology leader with a proven track record of technical excellence and a strong focus on process and methodology
