Senior Cloud Security Architect

Summary

Join CENSUS' Product Security Professional Services team as a talented professional to deliver comprehensive cybersecurity services to clients. Leverage your knowledge and experience in Cloud Security to develop security architectures, execute design security reviews, and conduct risk assessments.

Requirements

• MSc or BSc. in Electrical Engineering, Computer Science, Computer Engineering, or equivalent practical experience
• 8 + years of experience in Information or IT Security
• 3 + years of experience in cloud application or cloud platform security related roles. Experience can be an engineering / development position (e.g., consumer or enterprise), an assessment / consultancy role, an equivalent role in other engineering organizations, or a combination of them
• Proven experience in developing or auditing security solutions for cloud platforms (public, private or hybrid Cloud Service Providers)
• Proficient in English and excellent communication skills
• Experience with designing, implementing and auditing cloud platform security architecture and engaged technologies
• Experience with the technologies of at least one of the major public Cloud Service Providers (GCP, AWS or Azure) and the security features they provide (Key & Secret management, IAM, Service Accounts, Workload / VM Identities, TLS / PKI, Load Balancing, storage encryption, data localization, etc.)
• Experience on developing & comprehending source code, discerning business logic, and identifying security flaws in Web- and Cloud-relevant languages, such as Java, Ruby, Rust, Go, Python, C#, Lua, and JavaScript
• Experience with application authentication, authorization, identity, access management, and secrets management technologies, such as OAuth, MFA, SSO, JWT, PKI, Cloud IAM, Password-less authentication, HashiCorp Vault, etc
• Experience with applied cryptography and cryptographic protocols, such as E2E protection, authenticated encryption, mTLS, Key Exchange / Agreement, Key Derivation, Key Wrapping and Remote Key Attestation
• Experience in identifying and mitigating security vulnerabilities on software running on cloud platforms (OWASP Web Top10 vulnerabilities, data encryption, transport layer protections, insecure configurations, secrets management, etc.)
• Experience with cloud confidential computing, virtualization, enclaves, containers, and workload attestation technologies
• Problem solving skills, analytical thinking, and willingness to learn/grow

Responsibilities

• Analyze product security requirements and apply industry-recognized methodologies to translate them into effective security controls
• Design and support the implementation of secure cloud architectures
• Audit externally developed product security designs, document missing security controls, and lead efforts to analyze and implement security improvements
• Conduct threat modeling, attack surface analysis, and attack tree creation for products running on cloud platforms
• Research, review, compare, and propose technologies that meet client requirements and align with their strategic objectives
• Perform comprehensive security posture assessments through source code auditing, functional testing, fuzz testing, and other relevant methodologies
• Validate CI/CD pipelines and audit deployment configurations across various hosting environments (native, hybrid, etc.)
• Ensure that the implemented solutions align with the product’s security architecture, requirements, and threat model
• Document and present product security risks in both technical and business contexts
• Lead and support a small team (2-3) of security engineers and consultants in assessing and researching cutting-edge technologies and products

Preferred Qualifications

• Familiarity with debugging, instrumenting, and profiling software running on cloud platforms
• Familiarity with application reverse engineering or fuzz testing methods
• Experience of working with international teams in other regions and time zones worldwide