Cloud Security Architect

OverviewThe Cloud Security Architect will be responsible for assessing and enhancing the security posture of client cloud environments, identifying vulnerabilities, and recommending remediation strategies.This role requires a strong focus on both technical security controls and process governance to ensure resilient, compliant, and secure cloud architectures.The Cloud Security Architect will engage directly with clients, guiding them through security assessments, architecture reviews, and implementation plans.ResponsibilitiesAssess the security posture of customer cloud workloads and environments to identify vulnerabilities and gaps.Recommend and design security interventions aligned with best practices and compliance requirements.Evaluate and strengthen configurations for Azure security services, including Microsoft Defender for Cloud, Sentinel, Key Vault, Azure AD (Entra ID), Privileged Identity Management (PIM), Azure Policy, and governance and observability tools such as Azure Monitor and Log Analytics.Lead and facilitate security architecture workshops, risk assessments, and governance reviews with client teams.Collaborate with cross-functional teams to ensure alignment between security, operations, and business objectives.Conduct thorough security risk assessments and ensure mitigation strategies are implemented.Drive continuous improvement of security processes and controls based on evolving threat landscapes and compliance frameworks.Ensure adherence to industry frameworks and regulations such as NIST, ISO/IEC *****, HIPAA, GDPR, and FedRAMP.Required QualificationsMinimum 5 years of experience in cloud security architecture and assessment, specifically within Microsoft Azure environments.Deep knowledge of Azure security architecture and cloud-native security resiliency patterns.Strong experience with security frameworks and methodologies (e.g., NIST CSF, ISO/IEC *****).Proficient in vulnerability management, risk assessment, and security compliance standards.Ability to communicate complex security concepts clearly to both technical and non-technical stakeholders.Strong written and verbal communication and documentation skills.Hands-on experience with Azure security and governance services: Microsoft Defender for Cloud, Sentinel, Key Vault, Azure AD (Entra ID), PIM, Azure Policy, Azure Monitor, and Log Analytics.Familiarity with Microsoft Security Assessments, such as the Well-Architected Review Assessment (WARA) and Microsoft Security Assessment Frameworks.Experience working directly with clients in customer-facing roles to deliver security assessments and solutions.Solid understanding of process governance, security incident response planning, and Major Incident Response Plan (MIRP) development.Preferred QualificationsStrong consulting experience with direct client engagement and workshop facilitation.Familiarity with SOC integration, security operations center workflows, and incident response coordination.Experience with compliance frameworks such as HIPAA, GDPR, FedRAMP, or equivalent.Expertise with SIEM/SOAR tools, automation, and security orchestration.Proven track record delivering executive-level security architecture reviews and recommendations.CertificationsRequiredMicrosoft Certified: Cybersecurity Architect ExpertITIL Foundation CertificationPreferredMicrosoft Certified: Azure Security Engineer AssociateCertified Information Systems Security Professional (CISSP)Microsoft Certified: Security Operations Analyst AssociateMicrosoft Certified: Identity and Access Administrator AssociateMicrosoft Certified: Azure Administrator AssociateBusiness Continuity and Disaster Recovery (BC/DR) certifications such as CBCP, MBCI, ISO *****, or equivalent industry-recognized certificationsA vaga aceita trabalho remoto?SimSeniority levelMid-Senior levelEmployment typeFull-timeJob functionInformation TechnologyIndustries: Software DevelopmentReferrals increase your chances of interviewing at 4DF Connect by 2xGet notified about new Security Architect jobs in Brazil.Principal Consultant – SOC Transformation & XSIAM DeploymentSoftware Architect - Containers / VirtualisationSoftware Architect - Containers / VirtualisationSoftware Architect - Containers / VirtualisationSoftware Architect - Containers / VirtualisationSoftware Architect - Containers / VirtualisationSoftware Architect - Containers / VirtualisationSenior Offensive Security Analyst - RemoteSecurity Engineer ($50,000/year USD), SparkrockAnalyst, Information Security – Identity and Access Management (IAM)We're unlocking community knowledge in a new way.Experts add insights directly into each article, started with the help of AI.#J-*****-Ljbffr