Cloud Security Architect (L3)
Larsen & Toubro-Vyoma
Job Description
Job Purpose
The Cloud Security Architect (L3) is responsible for defining enterprise cloud security strategy, architecture, governance, and security transformation initiatives across hybrid and multi-cloud environments. The role serves as the highest technical authority for cloud security architecture, drives cloud security engineering programs, supports advanced threat protection capabilities, and provides technical leadership for cloud-native security services, Zero Trust adoption, and regulatory compliance.
Roles & Responsibilities
- Define and maintain enterprise cloud security architecture and security reference models.
- Lead cloud security transformation programs across Global cloud providers like E2E cloud, AWS, Azure, GCP, and hybrid cloud environments.
- Design secure multi-cloud architectures incorporating Zero Trust, identity-centric security, and cloud-native controls.
- Architect and govern CNAPP, CSPM, CWPP, CIEM, CASB, and data security solutions.
- Define cloud security standards, policies, governance frameworks, and control baselines.
- Lead cloud security reviews for strategic programs, FWaaS, SASE, Zero Trust, and managed security services.
- Design cloud-native SOC, SIEM, XDR, and security analytics integrations.
- Provide L3/L4 escalation support for complex cloud security incidents and architecture-related issues.
- Lead threat modeling, cloud risk assessments, and security design reviews.
- Drive cloud security automation using APIs, SOAR, Infrastructure as Code, and DevSecOps practices.
- Engage with customers, auditors, regulators, and internal stakeholders on cloud security strategy.
- Evaluate emerging cloud security technologies and define technology roadmaps.
- Mentor cloud security engineers and architect.
Experience & Educational Requirement
BE/B-Tech or equivalent with Computer Science or Electronics & Communication
Certifications :- CISSP, CCSP, Microsoft SC-100 (Cybersecurity Architect), Microsoft AZ-500, AWS Security Specialty, Google Cloud Security Engineer, CISM
RELEVANT EXPERIENCE
- 8–15 years of cybersecurity experience.
- Minimum 5 years in enterprise cloud security architecture.
- Proven experience designing and securing large-scale E2E, AWS, Azure, and hybrid cloud deployments.
- Strong knowledge of Zero Trust, Identity Security, Data Protection, and Cloud Governance.
- Experience building cloud security operating models for MSSP, SOC, or enterprise environments.
- Strong understanding of cloud networking, SD-WAN, SASE, FWaaS, and cloud-native security architectures.
- Implement & Maintenance Experience of cloud network security controls such as security groups, firewalls, WAF, DDoS, micro-segmentation, EDR, DLP, PIM/PAM and secure connectivity etc.
- Experience leading cloud migration, modernization, and security transformation programs.
- Expertise in DevSecOps, Infrastructure-as-Code, container security, and Kubernetes security.
- Experience supporting compliance programs including ISO 27001, PCI-DSS, SOC2, HIPAA, RBI, or equivalent regulatory frameworks.
- Strong customer-facing, consulting, and technology leadership skills.
Tools / Tech
Splunk Enterprise Security, IBM QRadar, Elastic Security (ELK), Cortex XSOAR, Splunk SOAR, CrowdStrike Falcon, Palo Alto Networks, Fortinet FortiGate, Cisco Secure Firewall, Check Point, F5 BIG-IP, Imperva WAF, F5 Advanced WAF, Cloudflare WAF, CyberArk, Tenable Nessus, Qualys VMDR, Rapid7 InsightVM, VirusTotal, Syslog, Logstash, PowerShell, Python, Bash, REST APIs, Git, Docker, Kubernetes, Terraform, Ansible.
Similar Jobs
View all →
Security Operations Center (SOC) Manager
Ishan Technologies
Security Engineer
Synapse XTL
Cloud Security Engineering Lead - Platform
noon
Network Security Architect
Neurealm
IT Infrastructure & Compliance Engineer
MindInventory
Share
Quick Apply
Upload your resume to apply for this position