Duration: 1 year with possible extension or direct hire. Candidate selected must be eligible to work directly for the State of Michigan.

Remote or On-site: Candidates must be currently local within a commutable distance, no more than 1-1.5 hours. Manager is not interested in candidates who would need to relocate to accept the role. Position will be hybrid, in office 2 days a week upon start.

Short Job Description

Cloud Security Architect who is passionate about designing and building secure Cloud platforms. This position is primarily responsible for ensuring the State’s Cloud environments - Azure, GCP and AWS – meet or exceed applicable requirements and design best practices. The ideal candidate will feel comfortable working alone or within group environments, partnering with distributed teams to help construct and maintain the State’s Cloud infrastructure. Specifically, this candidate will help lead efforts to implement security patterns with orchestration and automation tools that automate the secure configuration, verification, compliance, and authorization of systems. They will be a key member of a team of Security Architects tasked with maturing the organization's security posture.

Long Job Description

Functional Knowledge, skills and duties:

• Creation of secure design patterns for Cloud applications hosted within AWS, Azure and GCP
• Evangelize security concepts having to do with Cloud environments, including virtualization, containers, networking, datacenter operations and infrastructure.
• Serve as the Cloud Security subject matter expert with the ability to communicate security risks to different audiences and technical skillsets.
• Create standards, policies, procedures, and best practice documentation as needed.
• Participate in cross-functional groups building and supporting the organization’s Cloud infrastructure.
• High level of knowledge with various compliance frameworks, such as FISMA, FedRAMP, Pub 1075, PCI-DSS, etc.
• Required to understand complex business technical requirements and ensure appropriate information security requirements are met.
• Ability to learn and evolve quickly as required by the nature of the environment.
• Cloud security visioning and dissemination by way of organizing discussions and presentations.
• Understand modern deployment tools and automation efforts that support DevSecOps
• Deployment of cloud infrastructure using orchestration tools, such as Terraform, Cloud Formation Templates, or ARM Templates
• Infrastructure as Code
• API, Serverless and Cloud-native application security
• Kubernetes, Web Applications Firewalls, Scripting and Identity Services

Requirements:

• 7 years of total IT related experience.
• 7 years in information security, with at least 5 years in a cloud security role.
• Security Certifications and Cloud Security Certifications are highly desirable.
• In-depth knowledge of Cloud security architecture, including public, private and hybrid models.
• Experience with DevSecOps or other Agile methodology.
• Excellent written and verbal communication skills
• Must be able to work hybrid schedule in office 2 days a week.