Summary: Cloud Security Architects develop and deliver solutions that protect cloud
platforms and environments by reviewing and recommending policies, practices, cloud
services, and tools that prevent unauthorized access, use, disclosure, modification or
disruption. This role provides cloud security strategy, architecture, implementation, and
operations consulting to external customers during the delivery phase of a project.
Scope/Level of Decision Making: This is a non-exempt position operating under limited
decision-making and supervision. Acts independently to determine methods and
procedures on new assignments. Position performs a variety of assigned activities,
referring more complex issues to the manager.
● Support the delivery of Onix’s security patterns and services related to cloud
security. This includes security governance (security policies and procedures),
security strategy (security planning), risk (risk assessments and management),
cloud data protection (classification and encryption), cloud-based identity and
access management (IAM), technology/provider-specific cloud architecture (GCP
and AWS) and monitoring/analytics for best practice security in the cloud.
● Ability to interpret design and effectiveness of security controls relevant to
governance and compliance frameworks and cloud security best-practices used
by the customer organization.
● Ability to translate technical cloud security requirements into business terms for
executive stakeholders and customer leadership.
● Conduct cloud security strategy, readiness and discovery assessments including
the analysis of current versus future state design and implementation
● Deliver projects around cloud security, governance, and other foundational
aspects of cloud computing.
● Deliver services that meet Onix’s quality specifications, especially as it pertains to
documentation and presentations that will be delivered to the customer as part of
the project scope.
● Develop delivery guides, assessments, and common architecture patterns.
● Ability to take initiative to communicate, interact, and collaborate with others to
ensure that all aspects of a project are addressed.
● Work with cloud engineers and on engagements to deliver end-to-end solutions
● Help develop and support junior cloud security resources.
Preferred Skills and Experience:
● Minimum 3 years experience working directly with Google Cloud Platform (GCP).
● Certification as a GCP Solutions Architect, GCP Security Engineer, AWS Solutions
Architect, and AWS Security Specialty are a plus.
● Industry recognized certification in security (e.g., CISSP,,CISA, CISM, CEH, etc.) is
● 3 years experience working with AWS and GCP.
● 5 to 7 years experience in a Cloud Engineer role or related position.
● 5 to 7 years experience implementing foundational cloud services (networking
(following cloud-specific best practices), security, account/organizations, logging
& monitoring, identity access management, etc.) following cloud-specific best
● 3 years experience implementing cloud controls, security, and audit services.
● 5 years demonstrated experience implementing cloud platform services to achieve
● Minimum 2 years of experience performing IT security risk assessments against
the following governance frameworks: (NIST 800 Series, COBIT, IT General
● Experience in IT security testing (vulnerability assessments and technical security
assessments in the cloud).
● Experience in Identity and Access Management and cloud resource management.
● Experience with Cloud Security vendors in the IAM, Data Protection, Monitoring
and IaaS provider specific space.
Education: Bachelor's Degree preferred but not required.
Travel Expectation: 30% Domestic