Cloud Security Architect - AWS jobs in United States
cer-icon
Apply on Employer Site
company-logo

DATAECONOMY · 11 hours ago

Cloud Security Architect - AWS

positionBoston, MA
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
date10+ years exp

DATAECONOMY is one of the fastest-growing Data & Analytics companies with a global presence. They are seeking an experienced AWS Cloud Security Architect to design, implement, and govern security controls across their cloud platforms, ensuring alignment with best practices and industry standards.

AnalyticsArtificial Intelligence (AI)Big DataCloud ComputingComputerData GovernanceData ManagementInformation ServicesInformation TechnologySoftware
check
H1B Sponsor Likelynote

Responsibilities

Design and own end-to-end security architecture on AWS, ensuring alignment with best practices and industry standards (CIS, NIST, ISO 27001, etc.)
Define and maintain secure reference architectures for VPC, network segmentation, IAM, encryption, logging, and monitoring
Evaluate and recommend AWS native security services (e.g., IAM, KMS, Security Hub, GuardDuty, WAF, Shield, Macie, Config) and third-party tools
Design and implement policy-as-code solutions using Open Policy Agent (OPA) and Rego for:
Kubernetes admission control (e.g., Gatekeeper)
API authorization
CI/CD checks (e.g., Terraform plan validation, image scanning gates)
Define reusable policy libraries and guardrails to enforce security, compliance, and governance across environments
Integrate OPA with developer workflows and pipelines, enabling shift-left security with automated policy checks
Work closely with platform and DevOps teams to ensure OPA policies are scalable, testable, and observable
Establish and maintain cloud security standards, baselines, and guidelines for AWS accounts, workloads, and data
Work with Compliance / Risk teams to map OPA and AWS controls to regulatory requirements (e.g., GDPR, SOC 2, PCI-DSS as applicable)
Drive security posture management by leveraging tools such as AWS Config, Security Hub, CSPM platforms, etc
Implement infrastructure security controls through IaC (e.g., Terraform/CloudFormation) and policy-as-code
Collaborate with DevOps / SRE teams to embed security into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, etc.)
Automate detection and remediation of security misconfigurations using Lambda functions, OPA policies, or other tooling
Act as a trusted security partner for application, data, and platform engineering teams
Review high-risk solutions and changes, providing security sign-off and architectural guidance
Lead threat modeling, security design reviews, and cloud security assessments
Provide mentoring and training on cloud security and OPA best practices to engineers and stakeholders

Qualification

AWS Cloud SecurityOpen Policy Agent (OPA)Infrastructure as Code (IaC)Cloud Security PrinciplesSecurity FrameworksScripting/Programming LanguageDevOps PracticesCollaborationLeadership

Required

10+ year of overall IT experience with at least 6+ years focused on cloud security (preferably AWS)
Strong, hands-on experience with AWS: VPC, Subnets, NACLs, Security Groups, IAM (roles, policies, permission boundaries), KMS, CloudTrail, CloudWatch, Config
Expertise in Open Policy Agent (OPA): Experience writing and maintaining Rego policies, Integration of OPA with Kubernetes, microservices, or CI/CD workflows
Solid understanding of cloud security principles: Identity and access management (IAM), Network security, segmentation, and zero-trust concepts, Encryption in transit/at rest, key management, Logging, monitoring, and incident detection
Experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation
Familiarity with DevOps and CI/CD tools and practices
Strong knowledge of security frameworks and standards (CIS Benchmarks, NIST, ISO 27001, OWASP, etc.)
Proficiency in at least one scripting or programming language (e.g., Python, Go, Bash)

Preferred

Load Balancers, API Gateway, Lambda, ECS/EKS (optional but preferred)
Experience with Gatekeeper/Styra or equivalent solutions is a plus
Experience with Kubernetes security (EKS or other managed K8s)
Hands-on experience with container security (image scanning, runtime protection)
Exposure to CSPM, CWPP, or other security platforms (Prisma Cloud, Wiz, Lacework, etc.)
Security certifications such as AWS Certified Security – Specialty, CISSP, CISM, CCSP, or similar
Experience in highly regulated industries (finance, healthcare, etc.)

Benefits

Standard full-time benefits.

Company

DATAECONOMY

twittertwittertwitter
company-logo
Dataeconomy believes that the industry is pivotal, with considerable opportunities in re-imagining business models and scaling business.
dateFounded in 2018
location
Ohio, Illinois, USA
people-size201-500 employees
web-link
https://dataeconomy.io

H1B Sponsorship

DATAECONOMY has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (57)
2024 (33)
2023 (68)
2022 (46)
2021 (21)
2020 (10)

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Ravi Kopuri
Co-Founder and CEO
linkedin
leader-logo
Reginald Mathews
Co-Founder and CTO
linkedin
Company data provided by crunchbase