We are looking for a Cybersecurity Architect to join a large-scale cloud platform transformation initiative. This role will be responsible for assessing the current security posture, identifying critical gaps, and embedding enterprise security standards into a federated platform engineering model from day one. You will work closely with platform and product teams to ensure security is built into the foundation of the new operating model while enabling self-service and team autonomy.
The role requires advanced or fluent English to collaborate with distributed teams across the US, Brazil, London, and India, as well as availability to travel to London for periodic on-site engagements.
Assess the current cloud and infrastructure security posture across AWS environments, Kubernetes platforms, and supporting services
Identify critical gaps and define a prioritized roadmap for improving security maturity across identity, runtime, network, and platform layers
Define and implement enterprise security controls across IAM governance, workload/runtime posture, and DNS security
Embed security guardrails, standards, and policies into the Platform Engineering and Cloud Center of Excellence (CoE) frameworks from the beginning of the transformation
Partner with platform teams to design secure-by-default self-service infrastructure patterns, templates, and workflows
Establish identity and access governance models including account strategy, role design, least-privilege policies, and federated access
Design and implement security standards for Kubernetes and containerized workloads, including supply chain security, workload isolation, and runtime protection
Define DNS and network security practices, including private networking, segmentation, service discovery, and threat protection
Collaborate with DevSecOps teams to integrate automated security testing, policy enforcement, and compliance checks into CI/CD pipelines
Support the creation of security observability, monitoring, incident response, and threat detection capabilities across the platform
Provide security leadership and mentoring to engineering teams to promote security ownership and best practices
Support organizational change management and stakeholder alignment to ensure security adoption across teams
Continuously evolve the security framework as the platform and operating model mature
Strong years of experience in cybersecurity, cloud security, or platform security roles
Deep expertise in AWS security, including IAM, Organizations, SCPs, GuardDuty, Security Hub, CloudTrail, KMS, and networking security
Strong experience securing Kubernetes environments, particularly Amazon EKS, including workload identity, network policies, secrets management, and runtime security
Experience designing and implementing enterprise IAM governance and access control models
Hands-on experience with DevSecOps practices and integrating security into CI/CD pipelines
Strong understanding of cloud networking, DNS security, and zero-trust architectures
Experience building security guardrails and policy-as-code using tools such as Terraform, OPA, or similar technologies
Experience performing security posture assessments, threat modeling, and risk prioritization
Strong strategic thinking with the ability to balance security, developer experience, and delivery speed
Excellent communication and stakeholder management skills across technical and executive audiences
Experience working in distributed, international teams in complex and fast-changing environments