Principal Cloud Security Architect (Remote / Global Team)

Job Description

This is a remote position.

We’re partnering with a global HCM product company to build and scale a people-first cloud platform used by more than five million users worldwide. The Product Security tean is responsible for securing the entire product ecosystem—proactively identifying, addressing, and preventing vulnerabilities across cloud services, applications, and infrastructure.

We are looking for a Principal Cloud Security Architect with deep technical expertise and strong leadership skills. This role will drive the strategic direction of cloud security across a multi-cloud environment (Azure primary; AWS in scope), influencing architecture decisions and enabling secure-by-design practices across engineering and operations teams. If you love solving complex cloud security challenges, driving automation, and shaping scalable security frameworks in an agile environment, we’d love to meet you.

What You’ll Do

Strategic Leadership & Architecture

Define and lead the cloud security vision and multi-cloud strategy.

Build and maintain the cloud security blueprint, including landing zones, identity patterns, network segmentation, encryption standards, logging / monitoring, and automated guardrails.

Ensure architecture anticipates current and emerging threats.

Governance, Compliance & Risk

Own cloud governance and technical compliance across Azure and AWS.

Implement policy-as-code and continuous compliance (Azure Policy, AWS Organizations / SCPs).

Lead threat modeling, control selection, and risk decisions for cloud workloads.

Automation, Tooling & DevSecOps

Design and implement automated security controls using Terraform and Bicep.

Integrate security into CI / CD workflows—scanning, testing, policy enforcement, drift detection, and auto-remediation.

Contribute secure, reusable cloud-native modules to the internal service catalog.

Enablement & Collaboration

Act as the cloud security subject matter expert.

Create guidance, reference architectures, sample code, and enablement materials for engineering teams.

Build strong partnerships across Product, Engineering, SRE, and CloudOps.

Foster a security-first mindset across the organization through training and coaching.

Security Controls & Implementation

Implement cloud-native security capabilities : CSPM / CNAPP, CIEM, KMS / Key Vault, WAF, SIEM integration, container protection, and more.

Ensure secure identity, secrets management, data protection, logging / telemetry, and incident response across cloud environments.

What we’re looking for :

Bachelor’s Degree in Computer Science, Cybersecurity, IT, or equivalent experience.

10+ years in software development, DevOps, or cybersecurity, with strong focus on cloud security.

5+ years in senior cloud security, security engineering, or cloud DevOps leadership roles.

Significant hands-on experience with Azure and AWS.

Deep expertise with infrastructure-as-code (Terraform, Bicep; ARM a plus).

Strong scripting experience (Python, PowerShell, Bash; Go is a plus).

Skilled with Kubernetes and container security (image scanning, admission controls, secrets management).

Solid understanding of cloud networking, microservices, and enterprise architecture.

Experience working in regulated environments (PCI DSS v4.0, ISO 27001 : 2022, SOC 2, HITRUST, FedRAMP, etc.).

Preferred Qualifications

Security certifications such as CISSP, GSEC, Azure Solutions Architect, Azure Security Engineer, or AWS Security Specialty.

Experience with DevOps platforms (GitHub / GitLab / Azure DevOps) and large-scale security initiatives.

Leadership experience managing technical teams or programs.

Strong communication skills—able to explain complex security concepts to technical and non-technical audiences.

This is a high-impact leadership role where you’ll influence product architecture, accelerate security maturity, and help protect millions of users through secure cloud innovation.

If you’re motivated by solving complex challenges and driving meaningful change, we’d love to hear from you.