Skip to main content
Search

Azure Cloud Security Architect

Apply Job ID 17710 Date posted 03/12/2024

Job Family:

IT Architecture/Cloud (Digital)


Travel Required:

Up to 10%


Clearance Required:

Active Public Trust

What You Will Do:
The Cloud Security Architect is responsible for leading the development of cyber-security architecture in an agile environment, ensuring technology initiatives are implemented within the framework to secure one of our key government client's cloud environments. The right candidate will be accountable for strategic planning, architecture, and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures.


The primary areas of focus for the Cloud Security Architect is to advise in developing Cloud risk management strategies and multi-year implementation and remediation programs based on business priorities and risks to address Cyber-Security, Cyber Defense and Business needs of our customer.

  • Design security solutions for Azure cloud environments including leading architecture reviews for decision records.

  • Knowledge areas include IAM with Entra ID/Azure Active Directory, posture management, workload protection, SIEM/SOAR, application software testing.

  • Build architectural runway for infosec requirements for both infrastructure and application development teams.

  • Collaborate with agile teams to ensure security requirements are met.

  • Analyze and continuously monitor cybersecurity and privacy policies, processes and compliance artifacts, systems authorization, and management in a cloud environment.

  • Analyze and map existing security controls and safeguards to compliance requirements for a cloud environment.

  • Conduct architecture reviews and security impact assessments for technology and software development initiatives.

  • Assist in the implementation a Azure Zero-Trust Architecture as a core part of all design and development of the cloud solution.

  • Coordinate application and infrastructure risk mitigation and vulnerability remediation activities.

  • Assist in the design, development, implementation, and deployment of a hybrid cloud solution in a FedRAMP High environment involving integration of hybrid cloud solutions with on-premises components and systems.

  • Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide incident response support to locate and prevent threats.

What You Will Need:

  • Bachelor's degree required

  • 5+ years’ cyber related experience in a commercial environment with Azure, in a technical information security and risk management role.

  • 5+ Firsthand working with the various Azure security tools/platforms such as Azure AD, Sentinel, Defender, Monitor, Key Vault, or similar in other platforms.

  • 5+ years managing security policies and initiatives in Azure.

  • Identity Access and Management concepts, multifactor authentication, SSO/Federation

  • Privileged Access Management key concepts

  • Ability to set up and configure the Azure security platforms, and function as an overall lead managing end to end security on the Azure Cloud regions.

  • Vulnerability testing as it relates to Azure systems.

  • Security concepts & tools related to CI/CD pipelines, and software scanning.

  • Demonstrable understanding of Information Security and Risk Management capabilities related to cloud computing across Windows and Linux


What Would Be Nice To Have:

  • Master degree

  • INFOSEC Certifications: CISSP, CCSP, CISM

  • Azure/AWS/Google Training and Certification

  • Microsoft Certifications/Exams a recommended: Sc-100 Cybersecurity Architect; Sc-300 Identity and Access Administration; AZ-500 Azure Security Engineer

  • Crowdstrike Falcon EDR for Azure

  • Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST.

  • Demonstrated experience collaborating directly with external clients, business leadership, and auditors.

  • Direct technical background, to include familiarity with servers, network devices, and security systems.

  • Experience working as system or portfolio architect on agile release trains.

  • Working knowledge of current NIST 800-53 for Azure and FedRAMP High for Azure, Azure CIS Benchmark compliance

  • Working knowledge of Azure CAF and Terraform

  • OpenText Fortify experience a plus.

The annual salary range for this position is $132,600.00-$198,800.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.


What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

  • Medical, Rx, Dental & Vision Insurance

  • Personal and Family Sick Time & Company Paid Holidays

  • Parental Leave

  • 401(k) Retirement Plan

  • Group Term Life and Travel Assistance

  • Voluntary Life and AD&D Insurance

  • Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts

  • Transit and Parking Commuter Benefits

  • Short-Term & Long-Term Disability

  • Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities

  • Employee Referral Program

  • Corporate Sponsored Events & Community Outreach

  • Care.com annual membership

  • Employee Assistance Program

  • Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)

  • Position may be eligible for a discretionary variable incentive bonus

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.


Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.


If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.


Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.

Apply