Senior Cloud Security Architect

closed
CENSUS Logo

CENSUS

πŸ“Remote - Greece

Summary

Join CENSUS' Product Security Professional Services team as a talented professional to deliver comprehensive cybersecurity services to clients. Leverage your knowledge and experience in Cloud Security to develop security architectures, execute design security reviews, and conduct risk assessments.

Requirements

  • MSc or BSc. in Electrical Engineering, Computer Science, Computer Engineering, or equivalent practical experience
  • 8 + years of experience in Information or IT Security
  • 3 + years of experience in cloud application or cloud platform security related roles. Experience can be an engineering / development position (e.g., consumer or enterprise), an assessment / consultancy role, an equivalent role in other engineering organizations, or a combination of them
  • Proven experience in developing or auditing security solutions for cloud platforms (public, private or hybrid Cloud Service Providers)
  • Proficient in English and excellent communication skills
  • Experience with designing, implementing and auditing cloud platform security architecture and engaged technologies
  • Experience with the technologies of at least one of the major public Cloud Service Providers (GCP, AWS or Azure) and the security features they provide (Key & Secret management, IAM, Service Accounts, Workload / VM Identities, TLS / PKI, Load Balancing, storage encryption, data localization, etc.)
  • Experience on developing & comprehending source code, discerning business logic, and identifying security flaws in Web- and Cloud-relevant languages, such as Java, Ruby, Rust, Go, Python, C#, Lua, and JavaScript
  • Experience with application authentication, authorization, identity, access management, and secrets management technologies, such as OAuth, MFA, SSO, JWT, PKI, Cloud IAM, Password-less authentication, HashiCorp Vault, etc
  • Experience with applied cryptography and cryptographic protocols, such as E2E protection, authenticated encryption, mTLS, Key Exchange / Agreement, Key Derivation, Key Wrapping and Remote Key Attestation
  • Experience in identifying and mitigating security vulnerabilities on software running on cloud platforms (OWASP Web Top10 vulnerabilities, data encryption, transport layer protections, insecure configurations, secrets management, etc.)
  • Experience with cloud confidential computing, virtualization, enclaves, containers, and workload attestation technologies
  • Problem solving skills, analytical thinking, and willingness to learn/grow

Responsibilities

  • Analyze product security requirements and apply industry-recognized methodologies to translate them into effective security controls
  • Design and support the implementation of secure cloud architectures
  • Audit externally developed product security designs, document missing security controls, and lead efforts to analyze and implement security improvements
  • Conduct threat modeling, attack surface analysis, and attack tree creation for products running on cloud platforms
  • Research, review, compare, and propose technologies that meet client requirements and align with their strategic objectives
  • Perform comprehensive security posture assessments through source code auditing, functional testing, fuzz testing, and other relevant methodologies
  • Validate CI/CD pipelines and audit deployment configurations across various hosting environments (native, hybrid, etc.)
  • Ensure that the implemented solutions align with the product’s security architecture, requirements, and threat model
  • Document and present product security risks in both technical and business contexts
  • Lead and support a small team (2-3) of security engineers and consultants in assessing and researching cutting-edge technologies and products

Preferred Qualifications

  • Familiarity with debugging, instrumenting, and profiling software running on cloud platforms
  • Familiarity with application reverse engineering or fuzz testing methods
  • Experience of working with international teams in other regions and time zones worldwide
This job is filled or no longer available