Job ID: JOB_ID_8552
About the Role:
We are seeking a highly skilled Senior Cloud Security Architect to lead the security strategy for a major Data Center Exit migration to AWS EC2. You will be responsible for designing secure enterprise landing zones, enforcing governance through guardrails, and ensuring that all migrated workloads including Oracle Exadata, SQL Server, and Middleware meet strict security baselines. This role requires a “Secure-by-Design” approach to protect hybrid cloud environments and high-volume integration workloads.
Key Responsibilities:
- Lead the security architecture for large-scale Data Center migrations to AWS EC2 and EKS.
- Design and implement AWS Landing Zone security, including IAM guardrails and Service Control Policies (SCPs).
- Define and enforce cloud security baselines aligned with CIS, NIST, and ISO controls.
- Implement AWS WAF rules, firewall policies, and secure network segmentation for migrated applications.
- Conduct infrastructure vulnerability assessments and define technical remediation plans.
- Validate authentication, authorization, and encryption models for all cloud-native and hybrid workloads.
- Produce High-Level Design (HLD) and Low-Level Design (LLD) documentation and operational security runbooks.
- Integrate Security Information and Event Management (SIEM) systems with AWS Security Hub and GuardDuty.
Important Skill-Set, Technologies, Certifications, and Methodologies:
- AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), CloudTrail, GuardDuty, Web Application Firewall (WAF), AWS Landing Zone, Service Control Policies (SCP), Virtual Private Cloud (VPC) Segmentation, Elastic Kubernetes Service (EKS), Vulnerability Assessment and Penetration Testing (VAPT), Zero Trust Architecture, NIST/ISO Frameworks, SIEM Integration.
Essential Skills:
- Expertise in AWS Cloud Security Architecture, specifically IAM, KMS, CloudTrail, and Detective Controls.
- Hands-on experience with Vulnerability Assessment and Penetration Testing (VAPT) tools such as Nessus, Qualys, and Burp Suite.
- Proficiency in securing Windows Server (2016-2025) and Red Hat Enterprise Linux (RHEL 7/8/9).
- Deep understanding of Least Privilege, Encryption at Rest/Transit, and Zero Trust principles.
- Strong knowledge of database security for Oracle 19c, Exadata on AWS, and SQL Server.
Desirable Skills:
- Experience securing Java, .NET, and TIBCO Enterprise Service Bus (ESB) workloads.
- Familiarity with static and dynamic analysis tools like Fortify and Checkmarx.
- Experience with AWS Shield and Advanced Threat Protection for high-traffic environments.
Keywords:
AWS Security Architect, IAM, KMS, GuardDuty, CloudTrail, AWS Landing Zone, SCP, WAF, EKS Security, Data Center Migration, VAPT, Oracle Exadata, NIST, Zero Trust, EC2 Security.
Special Requirements
100% On-site role in Irvine, California. The candidate must have hands-on experience leading security architecture for Data Center Exit migrations to Amazon Web Services (AWS).
Compensation & Location
Salary: $135,200 – $156,000 per year
Location: Irvine, CA
Recruiter / Company – Contact Information
Recruiter / Employer: Scalable Systems
Email: a.bhatt@scalable-systems.com
Recruiter Notice:
To remove this job posting, please send an email from
a.bhatt@scalable-systems.com with the subject:
DELETE_JOB_ID_8552