Cloud Security Architect

About the Role: Liminal Custody is seeking a highly skilled, hands-on Cloud Security Architect with 8–10 years of experience to lead the design, implementation, and continuous improvement of our AWS cloud security posture. The ideal candidate is a self-starter, technically strong, and able to work independently while collaborating with cross-functional teams. You will play a critical role in safeguarding our cloud infrastructure, ensuring compliance, and enabling secure business innovation.

Responsibilities

Cloud Security Architecture:

• Design, implement, and maintain secure AWS cloud architectures, embedding security best practices throughout the cloud lifecycle.
  
  

Security Engineering

• Develop and deploy security controls for identity and access management (IAM), data protection, network security, encryption, logging, and monitoring within AWS.
  
  

DevSecOps Integration

• Integrate security into CI/CD pipelines and Infrastructure as Code (IaC) using tools such as Terraform, CloudFormation, and security scanners.
  
  

Threat Modeling & Risk Assessment

• Conduct threat modeling, risk assessments, and vulnerability management for AWS workloads and cloud-native applications.
  
  

Security Automation

• Implement and manage security automation solutions, including SIEM, SOAR, and automated remediation tools.
  
  

Collaboration & Advisory

• Work closely with DevOps, engineering, and compliance teams to provide expert guidance on AWS security best practices and emerging threats.
  
  

Documentation & Training

• Develop and maintain comprehensive security documentation, runbooks, and deliver training to technical teams on AWS security practices.
  
  

Experience

Desired Candidate Profile:

• 8–10 years in information security, with at least 5 years focused on AWS cloud security architecture and engineering.
• Demonstrated hands-on experience designing and securing complex AWS environments.
  
  

Technical Proficiency

• Deep expertise in AWS security services (IAM, KMS, GuardDuty, Security Hub, WAF, CloudTrail, Config, Macie, Inspector, etc.).
• Strong understanding of network security concepts (VPC, subnets, NACLs, security groups, VPNs, Direct Connect).
• Proficiency with Infrastructure as Code (Terraform, CloudFormation) and automation tools (Python, Lambda, etc.).
• Experience integrating security into DevOps pipelines and using container security tools (ECR, ECS, EKS, etc.).
  
  

Security Frameworks & Compliance

• Solid understanding of security best practices and regulatory requirements (ISO 27001, PCI DSS, NIST, GDPR, etc.).
• Experience supporting audits and compliance initiatives in cloud environments.
  
  

Soft Skills

• Strong analytical, problem-solving, and communication skills.
• Self-motivated, proactive, and able to work independently with minimal supervision.
• Ability to mentor and upskill technical teams on cloud security.
  
  

Preferred Qualifications

• AWS Certified Security – Specialty, AWS Solutions Architect – Professional, or equivalent certifications.
• Experience with multi-cloud security (Azure, GCP) is a plus.
• Background in financial services or other highly regulated industries is advantageous.

Liminal Custody