Cloud Security Architect

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Mandiant Security Transformation Services helps organizations build an effective security operations program that minimizes organizational risk and reduces the impact of security breaches. With targeted focus in cloud architecture, our consultants work from initial assessment, on-site workshops to explore clients cloud environment, configuration review of security controls, to detailed practical technical recommendations to harden the cloud environment, enhance visibility and detection, and improve processes to reduce the risk of compromise. 

As a Cloud Security Architect, you are responsible for developing and overseeing a cloud computing strategy for our customers, as well as responding to cloud-related breaches. This includes cloud adoption plans, cloud application design, and cloud management and monitoring. You will need to apply your cloud security skills, cloud network architecture, security hardening, and logging enforcement skills to assist clients with containment and remediation workstreams. The cloud architect will provide customers with industry best practice and insight regarding cloud application architecture and deployment in cloud environments. The successful candidate will possess strong consulting skills, be adept in leading multiple projects under tight deadlines, and possess in-depth experience in security event monitoring, cyber threat intelligence, and/or computer incident response. 

What You Will Do

• Perform technical security configuration assessments of a client’s cloud platforms - such as Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). 
• Perform technical security configuration reviews for common cloud-based SaaS platforms, including Microsoft 365 (M365). 
• Guide clients in the creation of optimized cloud solutions that deliver enterprise-grade security, compliance, and responsiveness to the latest cloud-based threats and attacks.  
• Architect cloud services and mitigate risks 
• Assist with defining and developing appropriate governance for a cloud strategy 
• Provisioning and automating cloud services 
• Orchestration of cloud workflows 

• Demonstrate a deep understanding of cloud computing concepts and how security controls are applied to those cloud-based technologies. Example cloud security concepts include, but are not limited to: 
• Architecture & Networking 
• Identity & Access Management 
• Securing the CI/CD Pipeline 
• Secrets and Data Protection 
• Logging, Detection, and Response 
• Security Controls for Containers (e.g., Docker, Kubernetes, etc.) 
• Experience running Cloud services with a combination of onsite and on cloud hosting provider experience (AWS, Azure, Google Cloud) 
• Deep understanding and implementation of industry-leading practices around cyber risks and Cloud security for clients’ cloud security frameworks using industry standards such as CIS Benchmarks, Cloud Security Alliance, and NIST SP 800-144, 800-145, 800-291, and 800-322. 
• Experience advising customers on cloud architecture and design concepts based on compliance and regulatory standards (e.g., PII, PCI-DSS, PHI, GDPR, HIPAA). 
• Good understanding of a programming or scripting language and API interactions with cloud platforms
• Must understand governance and convey governance principles to cloud computing in terms of policies 
• Experience with Incident Response within cloud environments and applications 

Additional Qualifications: 

• Must be eligible work in EU member states, or Swiss or UK  without sponsorship
• Bachelor’s degree in a technical discipline (or equivalent work experience) 
• Willingness to travel up to 50%  
• Experience in preparing architecture diagrams and writing approach papers 
• Certifications related to specific Cloud Platforms (e.g. AWS, Azure, GCP, etc.) or industry-standard cloud certifications (e.g. CCSP, CCSK, etc.) 
• Proven ability and understanding of the components that comprise a successful cloud information security program