Cybersecurity Architect, Cloud

Since our founding in 1924 weve cut cardiovascular disease deaths in half but there is still so much more to do. To overcome todays biggest health challenges and accelerate this progress we need passionate individuals like you. Join our movement be part of the progress and help ensure a healthier future for all. You matter and so does the impact you can make with us.

We are seeking a dynamic and highly skilled Cloud Security Architect to join our Business Technology Cybersecurity this role you will report to the Director of Cybersecurity Operations and be responsible for designing and implementing security solutions that protect workloads across our hybrid infrastructure spanning Microsoft Azure Amazon Web Services (AWS) on-premise data centers and SaaS-hosted applications.

The ideal candidate is a strategic thinker and problem solver who thrives in complex environments. Youll collaborate closely with infrastructure teams application developers DevOps and compliance stakeholders to architect secure scalable and resilient systems aligned with industry best practices and regulatory requirements.

The Association offers many resources to help you maintain work-life harmonization through your changing needs and life situations. To help you be successful you will have access to Heart U our award-winning corporate university as well as additional training and support locally.

#TheAHALife is more than a company culture; it is our way of life. It embodies our commitment to work-life harmonization and is guided by our core values where our employees can thrive both personally and professionally. Discover why you will Be Seen. Be Heard. Be Valued at the American Heart Association by following us onLinkedInInstagramFacebookX and .

Cloud Security Architecture

• Design and implement secure architecture patterns and controls across Azure AWS; and understand enforcement mechanisms through Cloud Security Posture Management
• Support secure migration and re-platforming of on-premise environments to cloud ecosystems
• Develop guardrails and hardening guidelines for IaaS PaaS and SaaS workloads
• Define and oversee cloud-native security controls - Azure Defender AWS Security Hub
• Deploy Cybersecurity Operations toolsets and hardening standards to all environments
• Collaborate with Application and Network Teams to configure Web Application Firewall (WAF) Technology to enforce security principles
• Define and enforce WAF and traditional Network Firewall Rules
• Support of Identity & Access Management efforts including Role-Based Access Control (RBAC) Privileged Identity Management (PIM) and Privileged Access Management (PAM)

Collaboration & Enablement

• Participate in Application Design and Development processes to provide security input and oversight from conception
• Partner with application development and infrastructure teams to embed security into CI/CD pipelines and DevOps processes
• Provide guidance and recommendations on remediation of vulnerabilities and misconfigurations identified from vulnerability assessment and posture management tools (e.g. vulnerability scanners SAST DAST CSPM
• Serve as a trusted advisor on cloud security issues across the enterprise

Security Engineering & Automation

• Support the secure adoption of automation tools as part of a movement towards DevSecOps using Infastructure as Code (IaC)
• Evaluate and integrate security tools throughout the enterprise ecosystems
• Support ingestion of logs into central SIEM for proactive monitoring and threat detection
• Conduct proactive threat hunting in cloud environments to identify and mitigate advanced threats
• Participate in Incident Response & Threat Modeling as part of normal job operations
• Collaborate with the SOC and incident response teams to investigate and mitigate threats
• Perform security reviews threat modeling and risk assessments for new and existing cloud services
• Actively participate in Incident Response Business Continuity and Disaster Recovery exercises and as needed if one should occur

Governance Risk & Compliance

• Ensure adherence to well architected frameworks and regulatory requirements (e.g. NIST CIS HIPAA FedRAMP SOC 2) and company-specific policies
• Support audits and compliance initiatives

Security Awareness & Mentorship

• Educate and mentor engineering and operations teams on secure architecture principles and emerging threats

• Bachelors or Masters degree in: Computer Science Information/Cyber Security Management Information Systems or equivalent experience
• Security certifications such as:
  • Security
  • CCSP
  • CISSP
  • AWS Certified Security Specialty
  • Azure Security Engineer Associate

• 8 years of experience in information security with 3 years in a cloud security architecture role
• Hands-on experience with major cloud platforms: Azure and AWS - multi-cloud experience is preferred
• Strong knowledge of cloud-native services identity and access management encryption key management and network security
• Demonstrated ability to work with on-prem infrastructure and SaaS-based solutions.
• Experience with SIEM / SOAR Technology CSPM CWPP IAM and PAM solutions
• Experience configuring and managing network security tools such as WAF and Firewall Configurations
• Ability to collaborate effectively with Infrastructure and Cloud Architects and engineers

Preferred

• Experience with security tools and platforms such as:
  • CrowdStrike Falcon Prevent CrowdStrike Falcon Cloud Defender for Cloud Sentinel Qualys
• Familiarity with Infrastructure as Code tools container security and API security
• Deep understanding of regulatory frameworks and security standards (e.g. NIST SOC 2 FedRamp HIPAA PCI-DSS)
• DevSecOps tooling experience including experience such as:
  • Azure DevOps Veracode Github
• Strong written and verbal communication skills with the ability to explain complex security topics to technical and non-technical stakeholders

The American Heart Association invests in its people. Here are the main components of our total rewards package. Visit Rewards & Benefits to see more details.

• Compensation Our goal is to ensure you have a competitive base salary. Thats why we regularly review the market value of jobs and make adjustments as needed.
  
  
• Performance and Recognition You are rewarded for achieving success through annual salary planning and incentive programs; based on type of position
  
  
• Benefits We offer a wide array of benefits including medical dental vision disability and life insurance along with a robust retirement program that includes an employer match and automatic contribution. As a mark of our commitment to employee well-being we also offer an employee assistance program employee wellness program and telemedicine and medical consultation.
  
  
• Professional Development You can join one of our many Employee Resource Groups (ERG) or be a mentor/mentee in our professional mentoring program. HeartU is the Associations national online university with more than 100000 resources designed to meet your needs and busy schedule.
  
  
• Work-Life Harmonization The Association offers Paid Time Off (PTO) at a minimum of 16 days per year for new employees. The number of days will increase based on seniority level. You will also have a total of 12 paid holidays off each year which includes several days off at the end of the year.
  
  
• Tuition Assistance - We support the career development of all employees. This program provides financial assistance to employees who wish to further their education and career in relation to their current duties and responsibilities or for potential future positions in the organization.

The American Heart Associations 2028 Goal: Building on over 100 years of trusted leadership in cardiovascular and brain health by 2028 the Association will drive breakthroughs and implement proven solutions in science policy and care for healthier people and communities. The greatest discoveries in health must reach everyone where they are.

At American Heart Association American Stroke Association our mission is to be a relentless force for a world of longer healthier lives regardless of race ethnicity gender gender identity religion age language sexual orientation national origin and physical or cognitive abilities.

This position not a match with your skills Click here to see other opportunities.

In accordance with local and state laws where applicable qualified applicants with arrest or conviction records will be considered for employment.

EOE/Protected Veterans/Persons with Disabilities