Your Role:

The Product Security Architect plays a crucial role in ensuring the security of our product offerings, with a special focus on cloud security. This position requires a blend of expertise in cloud computing and software development, applying secure coding practices across various programming languages and cloud environments. The ideal candidate will be experienced in embedding security within the product development lifecycle, particularly within cloud-based infrastructures such as AWS, Azure, or Google Cloud Platform.

Your Impact:

• Develop and refine security architecture strategies for product development, emphasizing secure integration into cloud services and infrastructure.
• Work closely with development teams to implement security throughout all phases of the software development lifecycle, with a focus on cloud-based applications.
• Perform thorough security assessments and risk analysis on cloud architectures, identifying vulnerabilities and formulating mitigation strategies.
• Design, advocate, and implement cloud-specific security measures, including but not limited to IAM, data encryption, secure network configurations, and comprehensive activity monitoring.
• Spearhead cloud security incident response initiatives, including detailed investigation and mitigation efforts, to prevent future security breaches.
• Maintain current knowledge of emerging threats and technologies in cloud security, applying this knowledge to protect company products.
• Lead security awareness and training for development teams, emphasizing the importance of security in cloud environments.
• Ensure compliance with all relevant cloud security standards and regulations, aiding in the acquisition of related certifications.
• Liaise with external security experts, researchers, and cloud service providers to remain informed about new vulnerabilities and best security practices.
• Facilitate the company’s attainment of product security certifications and compliance audits, with a special focus on cloud security.

Your Experience:

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a closely related field, with significant coursework or experience in cloud computing.
• At least 5 years of cybersecurity experience, with a minimum of 3 years dedicated to cloud security in platforms such as AWS, Azure.
• Proficiency in secure software development and deep understanding of vulnerabilities and mitigation practices.
• Strong proficiency in one or more programming languages relevant to cloud development, such as .NET, Go, Java, Kotlin, Node.js, C/C++.
• Experience with containerization (Docker, Kubernetes), with a keen understanding of their security implications.
• Familiarity with security automation and orchestration tools to efficiently manage security at scale in cloud environments.
• Exceptional problem-solving capabilities and the ability to convey complex security concepts across diverse audiences.
• Previous involvement with regulatory compliance like SOC2/Fedramp and data protection strategies in cloud contexts is a plus.