Job Title: Cloud Security Architect (VP)
Location: New York
Remuneration: $160k – $200k
Our clients in the financial sector is looking for an experienced engineer or architect to join the Cloud Security Engineering team to define cloud IAM strategy and implement security services and controls to leverage public cloud securely and efficiently. This is a senior level position and the successful candidate should have expertise in building enterprise software solutions, extensive experience in using services provided by AWS or GCP and foundational knowledge in information security.
- Collaborate with cross-functional cloud teams in security, infrastructure, service engineering and business application teams to define and implement IAM roles and policies required to build, support and consume services in public cloud.
- Define and develop preventive guardrails, detective controls, and automated alerts and remediation to ensure IAM implementation in all cloud environments are compliant with Citi’s cloud security standards and policies.
- Build automation software to enable self-service access requests and remediation for over privileged or unused access.
- Define SDLC for IAM roles and policies and develop IAM CI/CD pipeline with automated testing and validation.
- Define governance process and develop tools for managing cloud IAM inventory and entitlement review.
- Bachelor’s degree or equivalent work experience
- 6+ years of relative work experience
- Highly motivated self-starter with excellent interpersonal and communication skills
- Experience in the design and implementation of enterprise software solutions involving cross functional collaboration
- Expertise in a major programming language such as Python or Java and development, build and testing tools such as Eclipse, SVN, Git, Ant, Maven, Jenkins and SoapUI
- Hands-on experience with AWS or GCP services and public cloud technologies
- Familiarity with DevOps, CI/CD and agile methodology
- Experience with JSON, YAML, CloudFormation and Terraform
- Experience with database or directory services is a plus