Cloud Security Architect

CLA is a top 10 national professional services firm where our purpose is to create opportunities every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.

CLA is dedicated to building a culture that invites different beliefs and perspectives to the table, so we can truly know and help our clients, communities, and each other.

Our Perks:

Flexible PTO (designed to offer flexible time away for you!)

Up to 12 weeks paid parental leave

Paid Volunteer Time Off

Mental health coverage

Quarterly Wellness stipend

Fertility benefits

Complete list of benefits here

CLA is looking to hire a Cloud Security Architect to join our growing Enterprise IT team.

About the role:

The Cloud Security Architect works closely with Application Security and IT Cloud Services teams to build a holistic view of the overall security posture for the firm. The focus of the position is to assist in the creation, endorsement, and utilization of technical best practice cloud security architecture that guides the Firm through securing acquisition, building, modifying, and interfacing IT resources throughout the organization with an emphasis on cloud-based services. The Cloud Security Architect will be a hands-on position. The Cloud Security Architect supports the Application Security and IT Cloud Services teams by assisting in the implementation of best practice documents, creating security architecture drawings, providing level 3 and in occasional level 4 support, and participating in Technical Projects that span across all IT teams.

As a Security Architect, you will: act in a supporting role to the IT Cloud Services Architects to promote and implement the strategic mission critical IT projects.

Business Solutions: Cloud Security Architect

Completes Secure Design Reviews (SDRs) of solution architectures from submitted artifacts and provide germane security requirements.

Facilitate threat modeling sessions, involving stakeholders and SMEs.

Leads security architecture design with SaaS, PaaS, and IaaS.

Identifies and enforces enterprise security standards to support secure, resilient solutions.

Forms relationships with IT operations, security operations, data engineering, software development and risk management.

Reports the state of cloud security posture to cybersecurity leaders, stakeholders, IT and developers.

Supports IT Cloud Services Architects in implementing strategic mission-critical IT projects.

Reviews project documentation, researches security policies, and provides recommendations and guidance to secure systems, processes, and software applications.

Communicates effectively to both business and technical stakeholders.

Assists IT teams in creating and documenting security requirements and configurations, ensuring adherence to secure design principles.

Translates requirements into secure system guidelines and high-level technical specifications.

Technical Team Initiatives:

Demonstrated leadership experience managing people as well as technology solutions

Working knowledge of Azure cloud architecture patterns and best-practices, including architecture patterns for developed applications.

Working knowledge of DevOps and CI/CD security patterns.

Familiarity with security principles and best-practices related to developed document intelligence solutions which leverage AI for ingestion and analysis.

Working knowledge of security best-practices related to monitoring, logging, IAM, encryption, data protection, detection, and preventative controls.

Excellent written and oral communication skills.

Participates in the Firm’s Software Development Life Cycle (SDLC) process, emphasizing security and compliance by design.

Validates controls for Encryption, Access Control, Web Application Vulnerability Detection, and OWASP top 10.

Creates necessary documentation for security initiatives.

Strong background in Azure cloud networking and security protocols (VPN, IPsec, SSL/TLS).

Experience with Docker, Azure Kubernetes Service (AKS), Azure DevOps, and DevOps pipelines.

Knowledge of single-page application (SPA) architectures with API backends.

Knowledge of Azure Virtual Networks, Azure SQL, Azure Databricks, Entra ID, Azure Blob Storage, Key Vault, caching technologies and WAF/CDN

What you will need:

•7 years of general IT experience required. 4 of which are with security of IT systems, and 2 with security design/strategy.

•Bachelor's degree is required. Combination of relevant experience, education, and training may be accepted in lieu of degree.

Certifications / Licenses

• CISSP, CISM, or CISA preferred.

Technical Competencies

This position works within multiple cybersecurity frameworks (NIST 800-53, NIST-171, CIS, HIPAA, PCI), and should be conversant across multiple frameworks, and competent in the requirements, design, and application of the frameworks into technical solutions and processes.

#LI-JH1

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

Click here to learn about your hiring rights.

Wellness at CLA

To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.

To view a complete list of benefits click here.

R15611