As we expand into new international markets and scale our digital platforms in the B2B space, securing our cloud infrastructure, APIs, and services is critical. We require a Cloud Security Architect who can lead from the front, providing expert guidance on secure design, ensuring regulatory compliance, and aligning security with business objectives.
Key Responsibilities:
- Enable secure scaling of cloud and platforms, supporting business expansion with strong architectural governance.
- Act as a trusted advisor across business, engineering, and compliance teams.
- Embed DevSecOps and Zero Trust principles, reducing risks early in the development lifecycle.
- Strengthen SOC collaboration, improving threat detection and real-time incident response.
- Ensure regulatory readiness, supporting ISO, GDPR, and local compliance needs.
Core Responsibilities Include:
- Designing and implementing secure architectures for cloud-native platforms.
- Developing cloud security governance frameworks across AWS and Azure environments.
- Architecting secure API frameworks using OAuth, JWT, and encryption best practices.
- Defining and enforcing cloud security monitoring strategies.
- Aligning architectural decisions with security frameworks such as NIST, ISO 27001, CIS, GDPR, and HIPAA.
- Contributing to the design and improvement of Security Operations Centre capabilities.
Qualifications and Experience:
- Bachelor’s or master’s degree in computer science, Cybersecurity, or a related field.
- 7+ years of experience in security architecture, cloud security, and DevSecOps.
- Deep expertise in designing secure, scalable architecture for regulated industries, such as financial services.
- Strong knowledge of cloud platforms (AWS, Azure, GCP) and CI/CD toolchains.
- Certifications such as CISSP, CISM, AWS/Azure Security Architect, TOGAF or SABSA are preferred.
- Excellent communication and stakeholder engagement skills.
Skills Required:
- Strong expertise in cloud platforms: AWS and Azure.
- Experience in cloud-native security architecture and governance frameworks.
- Knowledge of API security protocols: OAuth, JWT, and TLS/SSL.
- Proficient in integrating security controls within CI/CD pipelines.
- Understanding of SOC operations, SIEM, and SOAR platforms.
- In-depth understanding of security and privacy regulations (GDPR, HIPAA, ISO 27001, etc.).
Language Requirements:
Proficient communication skills (written and verbal) are essential for engaging both technical and executive audiences.
