Principal Cloud Security Architect at CEI Group

Principal Cloud Security Architect Work Model: Hybrid – approx. 90% remote, with quarterly in-person collaboration About the Role We are seeking an innovative, adaptable, and results-driven Principal Cloud Security Architect to join a highly collaborative Cybersecurity organization. In this role, you will help shape and safeguard a large, enterprise-scale cloud environment while supporting critical business and technology initiatives. If you enjoy solving complex cloud security challenges and influencing long-term architecture, this is an excellent opportunity. What You’ll Do You will design, implement, and maintain a robust cloud security architecture across Azure, AWS, GCP, as well as enterprise-scale PaaS and SaaS platforms. You will proactively identify security gaps, define standards, and lead remediation efforts that strengthen the organization’s overall security posture. Key responsibilities include: Architect secure cloud infrastructure, including network segmentation, access controls, and account structures. Lead the evaluation, selection, and implementation of cloud security solutions across major cloud providers. Develop, document, and socialize cloud security standards, technical patterns, and best practices. Monitor cloud security posture and conduct regular assessments, risk analyses, and remediation planning. Automate security workflows and policies using scripting languages and cloud-native tools to improve scale and efficiency. Support incident response efforts for cloud-related security events, including investigation, containment, and post-incident analysis. Collaborate with cross-functional teams—including Cloud, DevOps, Engineering, Compliance, and Business project teams—to integrate security into cloud deployments and development pipelines. About You You are a hands-on technologist with strong architectural vision and the ability to influence and collaborate across diverse technical and business teams. You bring: Excellent communication and interpersonal skills, with the ability to build trust across stakeholders. Deep understanding of cloud security principles: identity & access management, network security, data protection, threat modeling, and secure architecture. Extensive experience with Azure, AWS, GCP, and modern cloud security tools (Azure Security Center, AWS Security Hub, GCP SCC, CNAPP platforms, etc.). Strong foundational security knowledge across vulnerability management, network security, penetration testing, SOC operations, and application security. Proficiency in scripting languages such as Python or PowerShell for automation and orchestration. Familiarity with ICS/SCADA/OT environments and industry frameworks such as NIST, CIS Benchmarks, CSA CCM, and NERC CIP.