Search by job, company or skills

Minfy

Cloud Security Architect

Save
  • Posted 6 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Role Summary

The Cloud Security Architect & Lead will own the security architecture, governance, compliance, and operational security posture across Minfy's multi-cloud environments spanning AWS, Microsoft Azure, and Google Cloud Platform (GCP). This leadership role is responsible for establishing security standards, driving cloud security transformation initiatives, enabling DevSecOps practices, and ensuring secure, compliant, and resilient cloud operations for both Minfy-managed and customer-managed environments.

The individual will work closely with SRE, Cloud Engineering, FinOps, Product Engineering, AI/ML teams, Customer Success, and Strategic Account teams to embed security into every aspect of cloud service delivery.

Key Responsibilities

Multi-Cloud Security Architecture

    • Define and maintain enterprise cloud security architecture standards across AWS, Azure, and GCP.
    • Develop secure landing zones, reference architectures, and cloud security guardrails.
    • Establish architecture patterns for:
    • Multi-cloud deployments
    • Hybrid cloud environments
    • SaaS platforms
    • AI/ML workloads
    • Kubernetes platforms
    • Review and approve security designs for new cloud initiatives and customer engagements.
    • Drive Zero Trust Architecture adoption across all cloud platforms.
Cloud Security Engineering & DevSecOps

    • Embed security controls into CI/CD and Infrastructure-as-Code pipelines.
    • Implement Security-as-Code and Policy-as-Code frameworks.
    • Automate compliance validation and security posture assessments.
    • Establish secure software supply chain controls.
    • Drive secure container, Kubernetes, and serverless security practices.
    • Integrate automated vulnerability and misconfiguration detection into engineering workflows.
Security Operations & Threat Management

    • Define and oversee cloud security monitoring, detection, and response capabilities.
    • Establish multi-cloud threat detection strategies.
    • Lead security incident response and forensic investigations.
    • Drive vulnerability management programs across cloud platforms.
    • Implement cloud-native threat intelligence and proactive threat hunting capabilities.
    • Develop operational runbooks and security response automation.
Governance, Risk & Compliance

    • Develop cloud security governance frameworks and policies.
    • Establish cloud risk management and control assessment processes.
    • Lead compliance initiatives including:
    • ISO 27001
    • SOC 2
    • PCI DSS
    • GDPR
    • HIPAA
    • NIST CSF
    • CIS Benchmarks
    • Support customer security reviews and regulatory audits.
    • Build continuous compliance monitoring capabilities.
Identity, Access & Data Security

    • Define enterprise IAM strategy across AWS, Azure, and GCP.
    • Implement Zero Trust and least-privilege access models.
    • Standardize:
    • MFA
    • SSO
    • Federated Identity
    • Privileged Access Management
    • Lead secrets management and encryption strategy.
    • Define enterprise data classification and protection controls.
AI & Emerging Security

    • Secure GenAI and AI/ML platforms deployed in cloud environments.
    • Establish governance controls for AI workloads.
    • Define security standards for LLM deployments and AI-assisted operations.
    • Assess risks associated with AI services and third-party integrations.
    • Collaborate with AI engineering teams to implement secure AI architectures.
Leadership & Organizational Responsibilities

    • Build and lead a Cloud Security Center of Excellence within SRE.
    • Mentor Cloud Security Engineers and Security Analysts.
    • Partner with Strategic Account Directors, TAMs, Cloud Architects, and Delivery Leaders.
    • Provide executive-level reporting on security posture, risks, and remediation plans.
    • Support customer-facing security discussions and solution reviews.
Required Qualifications

    • 12–15+ years of experience in Infrastructure, Cloud, Security, or SRE domains.
    • Minimum 7+ years of cloud security experience.
    • Minimum 3+ years leading cloud security teams or programs.
    • Hands-on expertise across AWS, Azure, and GCP.
    • Strong understanding of:
    • Cloud-native architectures
    • Kubernetes
    • DevSecOps
    • Identity Security
    • Compliance frameworks
    • Security Operations
    • Experience supporting enterprise-scale SaaS environments.
    • Strong customer-facing and consulting capabilities.
Preferred Certifications

    • AWS Certified Security – Specialty
    • AWS Solutions Architect Professional
    • Microsoft Certified: Cybersecurity Architect Expert
    • Google Professional Cloud Security Engineer
    • CISSP
    • CCSP
    • CISM
    • CKS (Certified Kubernetes Security Specialist)
Success Metrics (KPIs)

    • Reduction in critical cloud security findings.
    • Cloud Security Posture Management (CSPM) score improvement.
    • Compliance audit pass rates.
    • Security incident reduction.
    • MTTD and MTTR improvements.
    • Percentage of infrastructure compliant by default.
    • Vulnerability remediation SLA adherence.
    • Customer security audit success rate.
    • Security automation coverage across cloud platforms.
Reporting Structure

Reports To: Delivery Leader

Manages: Cloud Security Engineers, Security Analysts, DevSecOps Engineers, Security Compliance Specialists

This role becomes the security pillar leader within the SRE organization, alongside leaders for Cloud Operations, FinOps, Platform Engineering, Observability, and Automation, ensuring secure and compliant operations across AWS, Azure, and GCP customer environments.

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 150636215

Similar Jobs

Hyderabad, India

Skills:

DevSecOpsMicrosoft AzureEncryptionKubernetesNetwork SegmentationZero Trust ArchitectureLeast-Privilege Access Models