Design and implement secure cloud architectures within AWS environments
Support FedRAMP and federal cloud security compliance initiatives
Design continuous monitoring and compliance automation capabilities
Analyze security events using Splunk, AWS GuardDuty, Security Hub, and related tools
Assess cloud infrastructure for vulnerabilities and security gaps
Implement encryption, segmentation, and secure networking solutions
Support cloud risk assessments and ATO activities
Collaborate with DevSecOps and engineering teams on secure cloud deployments

10+ years of cloud and cloud security experience
Strong knowledge of networking, with AWS native firewall, AWS Direct Connect, AWS Outposts network configuration, reverse proxy configurations, and related automation
Proven ability to design and implement continuous monitoring solutions for cloud systems and applications
Capability to design AI-powered tools that can scan all cloud accounts and VPCs, collect FedRAMP-specific responses, store them in a centralized repository for ConMon, and analyze them to identify unmet requirements
Strong experience in accessing, reviewing, and interpreting reports and alerts generated by SIEM tools such as Splunk
Proficient in reviewing and analyzing reports from AWS GuardDuty, Security Hub, and Amazon Inspector, including interpreting compliance and non-compliance metrics
In-depth understanding of end-to-end data encryption in transit and at rest, including SSL/TLS implementation
Ability to identify potential vulnerabilities, particularly those related to data or configuration tampering
Master's degree required

Cloud Architect

Key skills