Position: Senior Cloud Security Architect
Location: 1400 Tenth Street, Sacramento, CA 95814 (Onsite)
Duration: 12+ months contract
Position Summary:
The selected Cloud Security Engineer will support the Governor’s Office of Land Use and Climate Innovation (LCI) by architecting, deploying, and managing secure cloud infrastructure that meets LCI’s security and operational needs.
Qualifications:
- A minimum of five (5) years of experience in cloud networking architecture and cloud operations, with cloud access security broker (CASB) experience.
- A minimum of three (3) years of experience with configuration as code and infrastructure as code solutions such as Terraform, Ansible, PowershellDSC and GIT.
- A minimum of seven (7) years of network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP, and public key infrastructure (PKI).
- A minimum of five (5) years of experience with scripting languages such as Python, PowerShell, and bash.
- A minimum of two (2) years of experience in the use of threat intelligence services in a production environment.
- A minimum of five (5) years of experience of a wide range of incident response, system configuration, vulnerability management, and hardening guidelines.
- A minimum of five (5) years of experience problem-solving abilities to manage complex local and international security requirements.
- A minimum of five (5) years of experience collaborating with technical and non-technical teams to promote ideas to support business enablement.
- A minimum of three (3) years of experience with Microsoft EntraID (Azure AD), AWS IAM policies, and role-based access control (RBAC).
- A minimum of three (3) years of experience in automating security tasks through APIs and cloud automation frameworks.
- A minimum of three (3) years of experience integrating security into DevOps pipelines, using Infrastructure as Code (IaC) tools like Terraform, AWS CloudFormation, or Azure ARM templates.
- A minimum of three (3) years of experience with security frameworks (e.g., NIST, CSF, ISO 27000 series, MITRE, OWASP).
- A minimum of three (3) years of experience with Zero Trust security models and Identity and Access Management (IAM), including Multi-Factor Authentication (MFA) and Privileged Access Management (PAM).
- Current certification in a minimum of two (2) of the following: MS Cybersecurity Architect Expert, Azure Security Engineer Associate, AWS Certified Security, CompTIA Cloud +, CompTIA Security +, Certified Cloud Security Professional (CCSP), GIAC Cloud Security Automation (GCSA)
