Cloud Security Architect

Back

Cloud Security Architect

@ CGI

  • Advise on the implementation of cloud-native security tools and safeguards to achieve a secure trusted environment.
  • Advocate and collaborate with engineers, developers, and non-technical members on cloud security related issues.
  • Collaborate with clients to gather requirements and propose effective security solutions.
  • Cloud Security Subject Matter Expert for AWS and Azure cloud engineering teams
  • Create, update and maintain DevSecOps processes for cloud and container-based deployments
  • Design and implement secure solutions and architectures for cloud, multiple cloud and hybrid cloud systems to support clients, delivery teams, and Managed Service Provider (MSP)/Managed Security Service Provider (MSSP) practices.
  • Develop automation, runbooks, and scripts to automatically resolve security or configuration issues in AWS or Azure.
  • Drive roadmap and implementation of security related items for cloud engineer, networking and system operations teams.
  • Help build cloud strategies and reference architectures to meet compliance and security requirements.
  • Lead technical security discussion with Cyber teams (Security Operation Center Analysts, Security Application Teams and ISSOs) about Cloud IaaS, PaaS and SaaS and Microservices architectures
  • Mentor and coach others in cloud and security architecture
  • Present on, drive adoptions, create proof of concepts and demo security concepts and solutions to technical and non-technical audiences
  • Proactively improve the security posture of cloud-based environments with CSP services, code and automaton
  • Promote and help enable other teams to adopt Security Orchestration, Automation and Reponses (SOAR).
  • Work with compliance, security and application teams to maintain security compliance for federal (DoD, FedRAMP, CMMC), corporate and industry compliance programs.


Qualifications:

  • 4 – 10 years of relevant experience with cloud, security and development
  • Detailed understanding of AWS and Azure core security and identity capabilities, features, and services
  • Knowledge of security monitoring and response capabilities for on-premises, Cloud, hybrid and microservice environments.
  • Experience implementing Infrastructure as Code (IaC) with CloudFormation, ARM or Terraform.
  • Experience of supporting projects that required at least one Federal compliance program (CMMC, CIS Benchmarks, DoD SRG, DoD STIGs, FedRAMP and NIST 800-53) and the ability to help the projects achieve and maintain accreditation
  • Proven ability to create solutions that align enterprise security architecture frameworks and defined security controls and standards.
  • Security Certifications – A least one security certification (CISSP, CEH, GIAC, Security+, AWS Certified Security - Specialty, Microsoft Certified Azure Security Engineer) and a CSP (AWS or Azure) Assoicate level certification.
  • Strong knowledge of security topologies, network security best practices and the application of suitable security safeguards.
  • Strong experience with a variety of cybersecurity systems, architectural concepts, delivery environments and best-of-breed security solutions.
  • Understanding of Agile and DevOps methods
  • Understanding of AWS and Azure core Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Function as a Service (FaaS) capabilities, features, and services and/or detailed understanding of cloud-native reference architectures.
  • Understanding of Continuous Integration and Continuous Delivery (CI/CD) pipelines to incorporate security, hardening and best practices for delivery of secure software


Desirable:

  • AWS professional (AWS Certified Solutions Architect – Professional, AWS Certified DevOps Engineer – Professional) or Azure expert level role-based certifications.
  • Bachelor level technical degree or equivalent experience; Computer Science or Engineering background preferred
  • Developing Serverless applications leveraging AWS services (DynamoDB, EventBridge, Lambda, S3, SQS, SNS) or Azure Services
  • Experience in supporting container-based applications, implementing security for microservices in the CI/CD progress, runtime and registry for AWS (Docker, AWS ECS, AWS ECR, AWS Fargate, AWS EKS), Azure AKS, Docker, and Kubernetes.
  • Experience implementing Zero Trust architecture and design patterns
  • Familiarity with Linux / Windows operating systems and methods to securely operate workloads
  • Knowledge of CMMC, DoD SRG, DoD STIGs, FedRAMP and NIST compliance controls
  • Knowledge with Configuration as Code tools/services (Puppet, Ansible or AWS SSM) for orchestration of OS (Operating System) level configuration and compliance
  • Knowledge of Git for source code version control and Atlassian (Jira, Bitbucket, and Confluence), GitHub or GitLab and ServiceNow APIs for automation.

Additional Requirements:

  • Due to the nature of the government contracts we support, US Citizenship is required.


How to Apply:

Apply online at https://www.cgi.com/en/careers

Visit Site to Apply

Location: Lafayette, LA
Date Posted: October 08, 2021
Application Deadline: November 08, 2021