NEWPosted 2 hours ago

Job ID: JOB_ID_8524

Cloud Security Architect (AWS)

Lead cloud security architecture for the Data Center Exit migration to AWS EC2. Design and implement AWS Landing Zone security including IAM guardrails, SCPs, and logging. Conduct application and infra vulnerability assessments and define remediation plans. Implement WAF rules, firewall policies, secure segmentation, and endpoint protection. Validate authentication, authorization, and encryption models for all migrated workloads. Support secure deployment practices, code reviews, and remediation of development gaps. Integrate SIEM systems with AWS native security tools for continuous monitoring. Define and enforce cloud security baselines aligned with CIS, NIST, and ISO controls. Lead penetration testing cycles and coordinate mitigation activities. Produce security HLD/LLD, risk assessments, and operational security runbooks.

Cloud Experience Needed

  • Hands-on experience designing secure AWS multi-account Landing Zones and guardrail policies.
  • Strong understanding of EC2 security, IAM, encryption, and identity federation models.
  • Integration knowledge for Oracle Exadata on AWS, SQL Server, and middleware security flows.
  • Experience with AWS WAF, Shield, GuardDuty, Security Hub, and detective controls.
  • Ability to design security for EKS workloads including pod/network policies and image scanning.
  • Understanding of security in hybrid cloud migrations and AWS migration tooling.
  • Strong expertise in AWS cloud security architecture including IAM, KMS, GuardDuty, and CloudTrail.
  • Deep understanding of AWS Landing Zone, SCPs, governance, and enterprise security guardrails.
  • Experience with security for custom applications including vulnerability identification and remediation.
  • Proficiency with VAPT tools such as Nessus, Qualys, Burp Suite, Fortify, and Checkmarx.
  • Strong understanding of WAF, firewall management, IDS/IPS, and network segmentation.
  • Knowledge of OS-level security for Windows Server 2016/2025 and RHEL 7/8/9.
  • Familiarity with securing Java, .NET, TIBCO ESB, and integration-heavy workloads.
  • Understanding of database security for Oracle 19c, Exadata on AWS, and SQL Server.
  • Ability to apply Zero Trust, least privilege, encryption, and secure-by-design principles.
  • Strong collaboration skills across infra, app, DB, network, and DevOps teams.

Special Requirements

Onsite

Compensation & Location

Salary: $70 – $90 per year (Estimated)

Location: Irvine, CA

Recruiter / Company – Contact Information

Email: havi@valzosoft.com

Interested in this position?
Apply via Email

Recruiter Notice:
To remove this job posting, please send an email from
havi@valzosoft.com with the subject:

DELETE_JOB_ID_8524

to delete@join-this.com.