Software Guidance & Assistance, Inc., (SGA), is searching for a remote Cloud Security Architect for a contract assignment with one of our premier Financial clients based in Los Angeles CA. This is a 100% remote position . Security Architect, within the Platform Security will work with the various assigned security teams: Identify the security requirements and approved patterns established/defined across the various security teams. ggregate them into a unified, holistic security architecture with approved, standard patterns. Develop/assist with new security patterns, as required. Partner with the Enterprise Architect to ensure that the security architecture and patterns are incorporated into the enterprise architecture program. ssist with building security architecture framework and mapping of tools/ capabilities to controls and threat library. Evaluate external and internal threats for the organization. Maintain and update security tools and capabilities based on new threats and organization changes. Perform/assist with security architecture reviews for new emerging technologies, platforms and applications. Provide technical recommendations and improvement to mitigate and/or remediate the risks/ threats. Responsibilities : Develops, reviews, edits, and provides recommendations for new and existing security architecture design artifacts such as reference and solution architectures along with framework mapping to NIST, CIS, ISO etc. Provides security architecture guidance to internal customers and security teams for larger and more significant engagements. Subject matter expert in at least one security domain such as IAM, Application Security and/or Data Protection in addition to Cloud Security. Support development of security patterns. ssist with development and documentation of security architecture framework and defining security requirements for emerging technology/ platforms and applications. Maintain and update inventory of security tools/capabilities and mapping to internal controls & threat library/ framework. Conduct and facilitate security reviews, threat modelling and design reviews through the development lifecycle. Develops and recommends security designs and frameworks for technology systems by defining process and architecture. Participates on projects and recommends secure solutions based on policies, standards and best practices. Provides Information Security subject matter expertise in various risk assessments. Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats Provides subject matter expertise for customer-initiated reviews of business security practices. Work closely with other Solution/Enterprise Architects to align the security requirements and the solution design with the customers’ business drivers and demonstrate unique value. Participate in customer conversations to define the security requirements and overall technical architecture for data and related solutions. Required Skills : Bachelor’s degree in computer science, information security, or a related field. 10+ years of hands-on technical experience in Information security with a focus on Security Architecture, Vulnerability management, Secure development lifecycle and/or Security Operations/Engineering 5+ years of Cloud Security experience across Data, Application, IAM and Infrastructure domains (on multi-cloud such as AWS, Azure) Familiarity with major security frameworks & standards such as NIST, ISO, PCI, and FedRAMP. Experience with Big-Data security/ analytics, Application Security and/or IAM required. Experience in data governance and data security best practices preferred. Understanding of data security frameworks, data quality frameworks, metadata management & data catalogs and data governance. Thorough understanding of modernizing data technology and information architecture on cloud. Experience with cloud-native security tools and technologies (e.g., SIEM, CNAPP, CSPM, runtime monitoring). Experience with DevOps and CI/CD tooling. Knowledge/ experience with containers/microservices. Knowledge of the enterprise information technology (IT) architectural concepts and security patterns (e.g., baseline, validated design, and target architectures). bility to design security architectures/ develop patterns and frameworks. Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. Knowledge of integration and optimization of cyber security tools/ capabilities Understanding of industry trends for cybersecurity risk & threat intelligence, and governance. dvise stakeholders and translate business requirements into secure, scalable, and reliable cloud solutions. Preferred Skills : Master’s degree preferred. Industry certifications such as CISSP, CISM, or CISA highly desired. WS Security and/or Azure Security certifications preferred. SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let’s work better together, we mean it. You’ll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at . SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company EEO page to request an accommodation or assistance regarding our policy.
ISO standards application-security infrastructure systems CI/CD Vulnerability management data-management Amazon Web Services (AWS) docker-containers data-security Enterprise architecture (EA) Azure DevOps pci data governance Analytics FedRAMP amazon-iam microservices