Job Description

Job Role: Cloud Security Architect Job Overview: We are seeking an experienced Cloud Security Architect with expertise in Microsoft Azure and Google Cloud Platform (GCP) to design, implement, and manage secure cloud environments. The ideal candidate will focus on security best practices, risk management, compliance, and threat mitigation to protect cloud infrastructure and data. Key Responsibilities : Design and implement secure, scalable cloud architectures across Azure and Google Cloud, ensuring protection against cybersecurity threats. Develop and enforce cloud security frameworks and best practices for zero trust architecture, hybrid, multi-cloud, and cloud-native environments. Manage IAM and PAM (Azure AD, Google Cloud IAM) with strict enforcement of least privilege and conditional access policies. Configure and monitor cloud-native firewalls, including Azure Firewall/Front Door/WAF, Google Cloud Firewall/Armor, NSGs, and VPC security. Establish threat detection, monitoring, and incident response systems using tools like Azure Sentinel, Google Chronicle, and Cloud Logging. Ensure data encryption at rest/in transit, leveraging tools like Azure Key Vault, Google KMS, and Secret Manager. Secure hybrid/multi-cloud connectivity, using Azure ExpressRoute, Google Cloud Interconnect, VPN Gateways, and network segmentation. Ensure compliance with ISO27001, SOC2, GDPR, HIPAA, and other standards; conduct audits and align policies. Build and integrate secure CI/CD pipelines with DevSecOps tools like Azure DevOps, Google Build, and third-party solutions. Protect containers and serverless environments in AKS, GKE, and secure Kubernetes workloads. Secure messaging systems, data platforms, and AI/ML workflows (e.g., Azure Event Hubs, Pub/Sub, BigQuery, Synapse, models/pipelines). Implement application security best practices using tools like Microsoft Defender for App Services and Google Cloud Armor. Drive disaster recovery, business continuity, and governance policies with tools like Azure Policy, Google Organization Policies, and third-party frameworks. Maintain proactive SIEM solutions, logging, and auditing for threat prevention across platforms. Conduct security testing for infrastructure and applications, identifying vulnerabilities and mitigation strategies. Educate teams on threat modelling, secure practices, and emerging security innovations. Assess existing security architectures, identify gaps and recommending improvements. Regularly assess and recommend tools for enhancing cloud security and threat management. Required Skills/Qualifications : 10+ years of experience in IT and 5+ years of extensive hands-on experience in cloud security architecture, cloud security engineering, or cybersecurity within Azure and Google Cloud environments. Experience in setting and implementing security architecture strategies and building large-scale, complex enterprise architecture solutions addressing security, availability, and recovery Expertise in IAM with tools like Azure AD/EntraID, PIM, Google Cloud IAM, SSO, and MFA. Proficiency in securing core services like compute4, databases, storages. Advanced knowledge of firewalls and configurations, including but not limited to Azure Firewall, Google Cloud Firewall, and third-party solutions. Hands-on experience with tools for security monitoring, threat detection, and incident response, such as Azure Security Center, Defender for Cloud, and Google Cloud Security Command Center. Expertise in implementing advanced threat protection tools and strategies to defend against sophisticated cyberattacks. Proficiency in cloud networking and secure connectivity practices, including private endpoints, NSGs, and service connectivity options. Expertise in data encryption, including key management, TLS, and sensitive data masking. Experience with implementing application security, WAF, DDoS protection, and securing APIs and serverless functions. Strong understanding of compliance standards like ISO 27001, SOC 2, GDPR, and PCI DSS, with practical application in cloud security. Skills in automating security workflows using Python, PowerShell, Bash, Terraform, or Bicep. Experience in container security for environments like AKS, GKE, and securing multi-cloud, containerized workloads. Proficiency in securing messaging systems, data platforms, and AI/ML pipelines for business-critical applications. Strong analytical and problem-solving skills to assess vulnerabilities and design effective security solutions. Proficient in developing and refining security blueprints and patterns, ensuring alignment with business and regulatory requirements. Experience with threat modelling and supporting risk management to enhance security posture. Proficient in coordinating security testing for infrastructure and applications, and providing recommendation to resolve/fix vulnerabilities. Excellent communication skills with the ability to communicate technical terms to non-technical audience Expertise in creating technical documentation, security policies, and governance frameworks. Bachelors or Masters degree in CyberSecurity, Computer Science, Information Technology or a relevant field. Professional certification such as Microsoft Certified Cybersecurity Architect Expert , Google Professional Cloud Security Engineer, Certified Information Systems Security Professional (CISSP). Compensation: Day rate of INR 10,000 to INR 15,000 per day Permanent salary between 20 lakh to 50 lakh, depending on the experience Working from Home Opportunity to travel onsite