Cloud Security Implementation Lead or ArchitectAWS

Required Candidate Location: Hybrid NYC 1 day a week

We need a senior (13 years) Cloud Security Implementation Lead with experience moving networks to the AWS Cloud and supporting implementation of Palao Alto next generation firewalls. CANDIDATES MUST HAVE LEAD OR ARCHITECT EXPERIENCE TO Lead to design implement and lead enterprise cloud security initiatives within AWS environments. This role will focus on deploying and optimizing Palo Alto Networks security solutions across cloud and hybrid infrastructures. The ideal candidate will have deep expertise in Azure cloud architecture Palo Alto firewalls (including Prisma and VM-Series) network security and secure cloud transformation strategies. ***** PALTO ALTO IS THE PREFERRED FIRE WALL BUT ANY CLOUD FIRE WALLS WILL WORK. *** THE MANAGER WOULD LIKE TO SEE AWS AND/OR SECURITY CERTIFICATIONS.

Job Description:

We are seeking a highly experienced Security Engineer Cloud Implementation Lead to architect deploy and lead enterprise cloud security implementations within AWS environments. This role will be responsible for designing scalable and secure cloud infrastructure using Palo Alto Networks security platforms while driving best practices across AWS-native security services. The ideal candidate combines deep AWS architecture expertise with strong Palo Alto firewall Prisma Cloud and cloud network security experience.

Key Responsibilities

• Lead the architecture and implementation of secure AWS cloud environments across multi-account and hybrid deployments.
• Design and deploy Palo Alto Networks VM-Series firewalls Panorama and Prisma Cloud within AWS.
• Implement secure AWS network architectures including VPC design Transit Gateway Direct Connect NAT Gateway Security Groups and NACLs.
• Develop cloud security reference architectures aligned with NIST CIS ISO 27001 and industry best practices.
• Lead Zero Trust network segmentation and micro-segmentation initiatives across AWS workloads.
• Integrate Palo Alto security tools with AWS-native services such as GuardDuty Security Hub IAM CloudTrail and Config.
• Automate security deployments using Infrastructure-as-Code (Terraform CloudFormation).
• Conduct cloud security risk assessments architecture reviews and threat modeling exercises.
• Provide technical leadership and mentorship to engineering and DevOps teams.
• Support incident response efforts and continuous security posture improvement initiatives.
• Develop and maintain cloud security standards runbooks and implementation documentation.

Required Qualifications

• 7 years of experience in network and cloud security engineering.
• 3 years of hands-on AWS cloud security architecture and implementation experience.
• Strong expertise with Palo Alto Networks (VM-Series Prisma Cloud Panorama NGFW).
• Deep understanding of AWS networking IAM and multi-account security models.
• Experience with Zero Trust architecture and cloud segmentation strategies.
• Proficiency in automation and scripting (Terraform CloudFormation Python Bash).
• Strong knowledge of cloud compliance frameworks and regulatory requirements.

Preferred Certifications

• Palo Alto PCNSE
• AWS Certified Security Specialty
• AWS Solutions Architect Professional
• CISSP or equivalent security certification

Key Competencies

• Cloud security architecture leadership
• Strong analytical and troubleshooting skills
• Experience leading enterprise-scale cloud implementations
• Ability to collaborate across infrastructure DevOps and security teams
• Excellent communication and executive reporting skills