Cloud Security Solutions Architect

at Capgemini in Chicago, Illinois, United States

Job Description


1. Presales: This represents the primary responsibilities for this role. The cyber solutions architect will work collaboratively with the Direct Cyber Sales team to ensure holistic coverage on all qualified cyber deals. They will provide technical leadership and content development for client and prospect needs such as proposal responses, RFIs, Statements of Work, and other similar requests.

2. Portfolio Optimization: Work with the Global Portfolio Hub to support portfolio optimization and service expansion efforts based on market trends and opportunities recognized cross-sector.

3. Thought Leadership: Provide thought leadership by engaging in publication of white papers, articles, podcasts, and participating in key industry events.

4. Delivery Support: Maintain flexibility so that SMEs are enabled to take on short duration delivery responsibilities to accelerate time to revenue recognition.

5. Cloud Security Strategy Development: Develop and maintain a comprehensive cloud security strategy aligned with the Client’s goals, regulatory requirements, and industry best practices.

6. Security Architecture Design: Design secure cloud architectures, including network layouts, data storage mechanisms, identity and access management (IAM) policies, and encryption strategies, considering cloud provider services and features.

7. Risk Assessment and Management: Identify, assess, and prioritize security risks and vulnerabilities in cloud environments, and develop strategies and countermeasures to mitigate these risks effectively.

8. Identity and Access Management (IAM): Design and implement IAM solutions to manage user identities, access privileges, authentication mechanisms, and federated identity relationships across cloud services and applications.

9. Data Protection and Encryption: Define data protection policies and encryption mechanisms to safeguard sensitive data stored, processed, and transmitted in cloud environments, ensuring compliance with regulatory requirements and industry standards.

10. Network Security: Implement network security controls such as firewalls, intrusion detection/prevention systems (IDS/IPS), virtual private networks (VPNs), and network segmentation to protect cloud-based resources and data traffic.

11. Security Monitoring and Incident Response: Configure and manage security monitoring and logging tools to detect and respond to security incidents and breaches in real-time, including incident investigation, forensics analysis, and remediation actions.

12. Compliance and Governance: Ensure compliance with relevant regulatory requirements (e.g., GDPR, HIPAA, PCI DSS) and industry standards, and establish governance frameworks and controls to maintain security posture and accountability in cloud environments.

13. Security Automation and Orchestration: Develop automated security processes and workflows to streamline security operations, including security tool integration, policy enforcement, and incident response automation.

14. Collaboration and Stakeholder Management: Collaborate with cross-functional teams, including IT operations, development, compliance, and legal departments, to align security initiatives with business objectives and ensure buy-in and support for security efforts.


· 10 years of experience in IT, aligned with the Cloud Security Architect role.

· 10 years of AWS, Azure, GCP Cloud administration and architecture experience

· 5 years of hands-on experience in Cloud environments.

· Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education

· Prior experience in a customer-facing sales engineering or solutions architect role.

· Deep technical knowledge required in security solutions with:

o Threat and Vulnerability Management, Security Information and Event Management (SIEM), Endpoint Detection and Response (AV, HIPS, HIDS), Web Application Firewalls, URL Content Filtering, DMARC, DKIM, and SPF, Identity and Access Management, Privileged Account Management, Threat Hunting & Penetration Testing, PKI – Public Key Infrastructure, E-Discovery & Legal Hold, Data Loss Prevention, BCDR, SAST, DAST, and SDLC, Regulatory Frameworks, Firewall solutions, Phishing Tactics, Techniques, and Processes, Network Access Controls (NAC)

o Cloud Platforms: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and others, including their services, features, and security capabilities.

o Network Security: Understand cloud networking concepts such as virtual private clouds (VPCs), subnets, security groups, and network ACLs, as well as techniques for securing cloud networks and data traffic, including encryption, VPNs, and network segmentation.

o Data Security: Data protection mechanisms, encryption at rest and in transit, key management, data masking, and data loss prevention (DLP) techniques to safeguard sensitive data stored in cloud environments.

o Identity Federation and Single Sign-On (SSO): Familiarity with identity federation protocols like SAML, OAuth 2.0, and OpenID Connect, and experience integrating cloud services with identity providers to enable SSO and seamless access across applications.

o Security Compliance: Understand regulatory compliance requirements relevant to cloud computing, such as GDPR, HIPAA, PCI DSS, SOC 2, and experience implementing security controls and measures to achieve compliance in cloud environments.

o Cloud Security Architecture: Ability to design and implement secure cloud architectures, considering factors such as data residency, segregation of duties, defense-in-depth principles, and best practices for securing cloud workloads and applications.

o Security Monitoring and Logging: Proficiency in configuring and managing security monitoring and logging services provided by cloud platforms, including cloud-native monitoring tools, SIEM solutions, and log management services for detecting and responding to security threats.

o Incident Response and Forensics: Experience in developing incident response plans and procedures for cloud environments, conducting security incident investigations, and performing digital forensics to identify the root cause of security incidents and breaches.

o Container Security: Knowledge of containerization technologies such as Docker and Kubernetes, and experience implementing container security measures such as image scanning, runtime protection, and network segmentation to mitigate risks associated with containerized workloads.

o Serverless Security: Familiarity with serverless computing platforms like AWS Lambda, Azure Functions, and Google Cloud Functions, and understanding of security considerations and best practices for developing, deploying, and securing serverless applications.

· Prior experience with or knowledge of Cloud Security practices and principles.

· Prior experience with application development languages and challenges

· Prior experience with metric measurements for Cloud Security lifecycles

· Prior experience with Infrastructure as Code

· Understanding of Kubernetes, Docker, and/or other related solutions

· Understanding of API and PKI solutions

· Strong understanding of IAM principles within a CSP and how they are applied to the organization

· Prior experience with or knowledge of network hardening best practices and principles.

· Knowledge and understanding of threats and risks that are present with cloud native, hybrid cloud, and legacy data center sc


Job Posting: JC259371604

Posted On: Jun 01, 2024

Updated On: Jul 01, 2024
