Cloud Security Application or Enterprise Architect

Onsite Location : Dallas, Tx, Experience : 9-12yrs Client : T Mobile Job/Responsibility Profile: • OS Automation, OS Scripting, Patching Automation (Linux and Windows servers) in the cloud at scale.

• Configure and manage cloud security tools such as encryption, identity and access management, logging, and auditing.

• Analyze and investigate security alerts and incidents using SIEM/SOAR platforms, investigate and provide timely response and resolution.

• Identify and remediate cloud misconfigurations and compliance issues using automation and scripting.

• Develop and update cloud security policies, standards, and guidelines based on Industry standards.

• Participate in incident response activities, including investigations, root cause analysis, and remediation efforts.

• Monitor cloud environments for security breaches, unauthorized access, and other security incidents, and respond promptly to mitigate risks.

• Support cloud customers through cloud-native architecture guidance, security architecture guidance, policy remediations, etc.

• Work with ITSM functions (Change management, Incident management, Problem management, Request management) as they apply to tools and platforms used by the team.

Technical Skills/Experience: • Experience with AWS & Azure - Hands-on experience architecting & administering with at least one and working knowledge of the other.

(GCP knowledge/exposure is a plus) • Strong knowledge of cloud security concepts, principles, and best practices • Good understanding of OS fundamentals (Windows or Linux) and OS security principles • Experience in cloud security - in AWS or Azure (GCP experience is a plus) • Experience working with IaC tools such as Terraform, CloudFormation, or ARM templates.

• Hands-on experience with Linux and Windows patching and hardening • Hands-on experience with SIEM/SOAR technologies.

• Experience with analyzing security logs such as Cloud Trail, VPC Flow Logs, S3 Access Logs, Azure Activity Logs, NSG Flow Logs, Storage account logs.

• Hands-on experience with cloud security tools such as AWS Security Hub, Azure Security Center, or GCP Security Command Center • Proficient in scripting languages such as Python or Bash • General experience working within ITSM processes (Change, Incident, Problem, Request management) in an Enterprise context • Certifications such as AWS Certified Security Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer are a plus