Position: Cloud Security Architect
Location: Markham, ON
Position: Full time/Subcon
Mode: Hybrid (in-office attendance 3 days a week is mandatory)
Need 10 Years Profile only.
Job Details:
Top Capability skills required
1. AWS architect
2. AWS security SME
3. IT security background
Senior AWS Cloud Security Architect
The Senior AWS Cloud Security Architect is responsible for designing, implementing, and governing secure, compliant, and resilient AWS environments across multi-account cloud infrastructures.
You will lead the architecture and automation of identity, data protection, threat detection, and network segmentation controls across the AWS ecosystem.
Key Responsibilities:
* Design and implement secure landing zones using AWS Control Tower, AWS Organizations, and Service Control Policies (SCPs).
* Define multi-account security guardrails for shared services, workloads, and sandbox environments.
* Create reference architectures covering security zones, network segmentation, and cross-account communication (PrivateLink, AWS WAN).
* Lead threat modelling and risk assessments for new workloads and services (Lambda, ECS, EC2, S3, RDS, DynamoDB, etc.).
* Develop security-by-design templates integrated into Infrastructure as Code (IaC) pipelines.
* Partner with compliance teams to maintain continuous alignment with CIS Benchmarks and organizational risk frameworks.
* Implement federated access and single sign-on with AWS IAM Identity Center (AWS SSO), Okta, and Azure AD.
* Manage cross-account roles, STS trust policies, and temporary credentials for developers and third parties.
* Automate secret and credential rotation with AWS Secrets Manager and AWS Systems Manager Parameter Store.
* Enforce encryption at rest using AWS KMS, CloudHSM, and envelope encryption patterns.
* Ensure encryption in transit (TLS 1.2/1.3) across internal and public endpoints.
* Manage key rotation, cross-region replication, and HSM-based root of trust.
* Implement S3 Object Lock, Macie for data discovery and classification, and Access Points for fine-grained data access.
* Implement PrivateLink, AWS WAN, and Route 53 Resolver endpoints for service-to-service isolation.
* Configure Web Application Firewall (WAF) and AWS Shield Advanced for DDoS mitigation.
* Enforce egress control through Cloud NAT, AWS Gateway Load Balancer (GWLB), or custom proxies.
* Deploy and integrate AWS Security Hub, GuardDuty, Macie, and Inspector for proactive threat detection.
* Configure Amazon Detective for forensic investigation and anomaly correlation.
* Integrate findings into SIEM/SOAR platforms such as FortiSOAR or Azure Sentinel.
* Automate response playbooks with AWS Step Functions, Lambda, and SNS alerts.
* Implement AWS Config rules and Conformance Packs to enforce compliance (e.g. CIS AWS Foundations Benchmark).
* Use AWS Artifact for vendor assurance and control documentation.
* Manage compliance dashboards via Security Hub, Trusted Advisor, and Control Tower drift detection.
Core AWS Security & Supporting Services
Identity & Access Management: IAM, IAM Identity Center (SSO), AWS Organizations, Access Analyzer, Cognito, Resource Access Manager (RAM), Directory Service.
Encryption & Key Management: KMS, CloudHSM, Secrets Manager, SSM Parameter Store, Certificate Manager (ACM), Private CA.
Network & Perimeter Security: Network Firewall, WAF, Shield (Standard & Advanced), PrivateLink, AWS WAN, Route 53 Resolver, Network Load Balancer, Application Load Balancer.
Threat Detection & Monitoring: GuardDuty, Detective, Security Hub, Inspector, Macie, CloudTrail, Config, CloudWatch, CloudWatch Logs, CloudWatch Metrics.
Compliance & Governance: Audit Manager, Artifact, Control Tower, Trusted Advisor, Config Conformance Packs, Service Catalog, Organizations SCPs.
Data Protection: S3 Object Lock, Macie, Lake Formation, DLP integrations, S3 Access Points.
Vulnerability & Posture Management: Inspector (EC2, ECR, Lambda), Trusted Advisor, Config, Security Hub.
Application & Container Security: ECR image scanning, ECS task IAM roles, Lambda least privilege, Secrets Manager, API Gateway authorization.
Incident Response & Automation: Step Functions, Lambda, Systems Manager Automation, SNS, CloudWatch Alarms, EventBridge Rules.
Required Skills and Experience
* 8 years in cybersecurity with 4 years in AWS cloud security architecture.
* Deep understanding of AWS Well-Architected Framework (Security Pillar).
Preferred Certifications
* AWS Certified Security Specialty
* AWS Certified Solutions Architect Professional
* CISSP / CISM / CCSP / GCSA / GIAC Cloud Security Automation