Cloud Security Architect

One of our clients in the government domain is seeking a Cloud Security Architect. The Cloud Security Architect is responsible for the establishment of the Cloud Security Architecture program within ODJFS. Cloud Security Architect Remote- In-person for meetings as needed In-Person Interview Columbus, Ohio Long Term Contract Responsibilities: Leading the evaluation, selection, and implementation of Cloud Security detection and monitoring tools (i.e., Microsoft Defender for Cloud, Defender for Identity) These tools will monitor and scan Cloud workloads and servers to ensure they are securely configured (configuration management) and not vulnerable. Work with DAS teams for implementation Workloads, containers, and orchestration (i.e.Docker /Kubernetes) security Leading and Incorporating Cloud Security Architecture into the DevSecOps /DevOps program Update any related Policy documents Established Standard Operating Procedures around and for Cloud Security Architecture Reviewing solutions for compliance to CloudSecurity Participating on Project Teams to advise on CloudSecurity Training Security Team members in related tools and processes (DAS and JFS) Knowledge transfer Required Skills: Cloud Platforms (IaaS, PaaS, SaaS), (3 Years Experience required) Deep understanding of AWS, Azure, and/or Google Cloud Platform (GCP) Familiarity with cloud-native services (e.g., IAM, VPC, KMS, Security Groups) Security Architecture & Design Designing secure cloud architectures Applying Zero Trust principles Understanding of shared responsibility models Identity and Access Management (IAM) Role-based access control (RBAC) Single Sign-On (SSO), MFA, and federated identity Privileged access management Network Security Firewalls, VPNs, segmentation, and secure connectivity Cloud-native network security tools (e.g., AWS Security Groups, Azure NSGs) Data Protection Encryption at rest and in transit Key management systems (KMS, HSM) Data classification and loss prevention (DLP) Compliance & Governance Familiarity with standards like NIST,CIS, ISO 27001, SOC 2,HIPAA, GDPR Policy-as-code (e.g., using tools like OPA, Sentinel) DevSecOps & Automation Integrating security into CI/CD pipelines Infrastructure as Code (IaC) security (e.g., Terraform, CloudFormation) Security scanning tools (e.g., Snyk, Checkov) Threat Modeling & Risk Assessment Identifying and mitigating cloud-specific threats Using frameworks like STRIDE or MITRE ATT&CK for Cloud Desired Certifications/Skills: Certified Cloud Security Professional (CCSP) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate Google Professional Cloud Security Engineer CISSP (for broader security architecture knowledge)