BluOcean Cyber
Website: bluoceancyber.com
Job details:
About the Job
BluOcean Cyber is seeking a Security Architect to help design, lead, and mature security programs across cloud, application, product, and SaaS environments. This role is for a senior technical leader who can define architecture, guide implementation, lead programs, and elevate the work of others without necessarily serving as a people manager.
You will act as a trusted advisor and technical lead across complex client engagements, helping organizations identify risk, modernize security controls, and build scalable security programs. The ideal candidate brings strong foundational expertise in cloud and application/product security, the ability to lead cross-functional efforts, and the curiosity and adaptability to grow into deeper specialization across SaaS security and SaaS Security Posture Management.
This is a role for someone who can see the bigger picture, translate strategy into executable plans, and guide a team or program toward measurable outcomes.
What You’ll Do
- Lead the architecture and design of security programs across cloud, application, product, SaaS, and identity environments.
- Serve as a senior technical lead for client engagements, guiding engineers, consultants, and stakeholders through security assessments, architecture decisions, control implementation, and operational maturity.
- Lead security programs or workstreams from strategy through execution, including scope definition, roadmap creation, technical direction, stakeholder alignment, delivery oversight, and outcome measurement.
- Design secure reference architectures, implementation frameworks, control models, and reusable methodologies for cloud, application, product, and SaaS security.
- Advise security leaders, engineering teams, product teams, and IT stakeholders on practical approaches to reducing risk across modern technology environments.
- Evaluate cloud and application architectures for security gaps, misconfigurations, excessive permissions, insecure integrations, weak control coverage, and operational risk.
- Guide secure design reviews for cloud infrastructure, applications, APIs, SaaS platforms, product features, CI/CD pipelines, and third-party integrations.
- Provide technical oversight and quality assurance for security engineering work, ensuring recommendations are practical, consistent, and aligned to business risk.
- Mentor and guide security engineers or consultants, helping raise technical quality, strengthen delivery practices, and build team capability.
- Develop security roadmaps, maturity models, executive-ready recommendations, and implementation plans for client environments.
- Partner with internal teams to build repeatable offerings, delivery playbooks, architecture patterns, and client-facing collateral.
- Support the integration of security tooling and workflows across cloud-native security platforms, SIEM, SOAR, ITSM, CI/CD, vulnerability management, identity systems, and SaaS security tools.
- Translate complex technical findings into clear, actionable guidance for technical teams, executives, and business stakeholders.
What You’ll Need — Required
- 8+ years of progressive cybersecurity experience, including meaningful hands-on experience in cloud security, application security, product security, security architecture, or security engineering.
- Strong architecture-level knowledge of cloud security across AWS, Azure, or Google Cloud, including IAM, networking, logging, monitoring, encryption, workload security, secure configuration, and least privilege.
- Experience designing or leading security improvements for applications, products, APIs, cloud-hosted services, or modern engineering environments.
- Ability to assess complex technical environments, identify risk, prioritize remediation, and design practical security architectures.
- Experience leading a security program, technical workstream, or cross-functional initiative, including setting direction, coordinating contributors, tracking progress, and driving outcomes.
- Ability to guide and mentor engineers or consultants without requiring formal people-management responsibility.
- Strong understanding of identity and access management, including IAM, SSO, MFA, privileged access, role design, federation, SAML, OIDC, and identity-centric security risk.
- Working knowledge of secure SDLC, threat modeling, vulnerability management, DevSecOps, API security, and security architecture review practices.
- Experience applying security frameworks and control models such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, CIS Benchmarks, CSA CCM, or similar.
- Strong communication and executive presence, with the ability to explain architecture decisions, risk tradeoffs, and program priorities to both technical and non-technical audiences.
- High ownership, accountability, and follow-through, with the ability to lead ambiguous work, create structure, and move teams toward completion.
- Strong foundational security knowledge and adaptability, with the ability to learn new domains, tools, platforms, and specialized technologies quickly.
What Sets You Apart — Preferred
- Experience securing enterprise SaaS platforms such as Microsoft 365, Salesforce, Google Workspace, ServiceNow, Workday, GitHub, or similar environments.
- Hands-on experience with SaaS Security Posture Management tools such as AppOmni, Falcon Shield, Obsidian Security, Reco, DoControl, Normalyze, or similar platforms.
- Experience leading or supporting SaaS security posture management programs, including SaaS misconfiguration management, identity risk, excessive permissions, OAuth app review, and third-party integration risk.
- Experience designing SaaS security reference architectures, governance models, or operational playbooks.
- Experience with SaaS-to-SaaS integrations, API permissions, OAuth scopes, service accounts, delegated access, and data exposure risk.
- Experience with CNAPP, CSPM, CWPP, CIEM, CASB, SASE, or cloud-native security platforms.
- Experience with infrastructure-as-code security, CI/CD security, container security, Kubernetes security, or product security programs.
- Proficiency with scripting or automation using Python, PowerShell, Bash, APIs, or similar tools.
- Experience building dashboards, metrics, control monitoring, compliance automation, or executive reporting for security programs.
- Experience developing reusable consulting methodologies, delivery frameworks, technical enablement, or go-to-market security offerings.
- Relevant certifications such as CCSP, CCSK, CISSP, AWS Security Specialty, Azure Security Engineer, Google Professional Cloud Security Engineer, CSSP, or similar.
Join BluOcean and be at the forefront of the SaaS security revolution. Here, you're not just consulting; you're leading the mission to transform how the world secures its SaaS landscape. If you are passionate about building resilient, posture-managed SaaS environments and have the deep SSPM expertise to back it up, we need you on our team.
Ready to lead from the front? Apply now.