Cloud Security Architect - Senior Consultant

Position: IT Consultant 2/ ITC 2 Location: Columbus, OH Client: State of Ohio Agency: JFS Interview Type: in-person interview Position ID: 780531 The CloudSecurity Architect is responsible for the establishment of Cloud SecurityArchitecture program within ODJFS. This resource, working with the IT Governance and Risk Management Office will support the creation of Cloud Security Architecture program that will include: ·Leading the evaluation, selection, and implementation of Cloud Security detection and monitoring tools (i.e. Microsoft Defender for Cloud, Defender for Identity) ·These tools will monitor and scan Cloud workloads and servers to ensure they are securely configured (configuration management)and not vulnerable. ·Work with DAS teams for implementation ·Workloads, container, and orchestration (i.e. Docker /Kubernetes) security ·Leading and Incorporating Cloud Security Architecture into the DevSecOps /DevOps program ·Update any related Policy documents ·Established Standard Operating Procedures around and for Cloud Security Architecture ·Reviewing solutions for compliance to CloudSecurity ·Participating on Project Teams to advise on CloudSecurity ·Training Security Team members in related tools and processes (DAS and JFS) Knowledge transfer Mandatory Skills:

• Cloud Platforms (IaaS, PaaS, SaaS)
• Deep understanding ofAWS,Azure, and/orGoogle Cloud Platform (GCP)
• Familiarity with cloud-native services (e.g., IAM, VPC, KMS, Security Groups)
• Security Architecture & Design
• Designing secure cloud architectures
• ApplyingZero Trustprinciples
• Understanding ofshared responsibility models
• Identity and Access Management (IAM)
• Role-based access control (RBAC)
• Single Sign-On (SSO), MFA, and federated identity
• Privileged access management
• Network Security
• Firewalls, VPNs, segmentation, and secure connectivity
• Cloud-native network security tools (e.g., AWS Security Groups, Azure NSGs)
• Data Protection
• Encryption at rest and in transit
• Key management systems (KMS, HSM)
• Data classification and loss prevention (DLP)
• Compliance & Governance
• Familiarity with standards likeNIST,CIS,ISO 27001,SOC 2,HIPAA,GDPR
• Policy-as-code (e.g., using tools like OPA, Sentinel)
• DevSecOps & Automation
• Integrating security into CI/CD pipelines
• Infrastructure as Code (IaC) security (e.g., Terraform, CloudFormation)
• Security scanning tools (e.g., Snyk, Checkov)
• Threat Modeling & Risk Assessment
• Identifying and mitigating cloud-specific threats
• Using frameworks like STRIDE or MITRE ATT&CK for Cloud

· Desired Certifications/Skills:

• Certified Cloud Security Professional (CCSP)
• AWS Certified Security – Specialty
• Microsoft Certified: Azure Security Engineer Associate
• Google Professional Cloud Security Engineer
• CISSP (for broader security architecture knowledge)

Skills Required / Desired Required Amount of Experience in years Deep understanding of AWS, Azure, and/or Google Cloud Platform (GCP) Required Familiarity with standards like NIST, CIS, ISO 27001, SOC 2, HIPAA, GDPR Required Infrastructure as Code (IaC) security (e.g., Terraform, CloudFormation) Required Identifying and mitigating cloud-specific threats, Using frameworks like STRIDE or MITRE ATT&CK for Cloud Required experience in cybersecurity as a cloud practitioner with thought leadership in Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Required 3 Job Type: Contract Pay: $100.00 - $110.00 per hour Expected hours: 40 per week Application Question(s):

• Note: In person interview is required for this position. Are you available to go in person interview in Columbus, OH at ODJFS office?
• Please mention your location. _________

Experience:

• AWS, Azure, and/or Google Cloud Platform (GCP): 5 years (Required)
• NIST, CIS, ISO 27001, SOC 2, HIPAA, GDPR: 5 years (Required)
• IaC security (e.g., Terraform, CloudFormation): 5 years (Required)
• STRIDE or MITRE ATT&CK for Cloud: 1 year (Required)

License/Certification:

• Certified Cloud Security Professional (CCSP) (Preferred)
• AWS Certified Security – Specialty (Preferred)
• Microsoft Certified: Azure Security Engineer Associate (Preferred)
• Google Professional Cloud Security Engineer (Preferred)
• CISSP (for broader security architecture knowledge) (Preferred)

Work Location: Remote Apply tot his job Apply To this Job