- 
        Architect, Cloud Security
- Breakthru Beverage Group (Denver, CO)
- 
             Time Type: Full time Remote Type: Job Family Group: Information Technology Job Description Summary: We are seeking an experienced Cloud Security Architect to manage and improve the design of a security architecture comprised of AWS, multi-cloud, hybrid, and operational technology environments. Job Description: This role follows a hybrid work schedule, with two days in the office and three days working remotely. It may be based out of any Breakthru Beverage office location. Interview Process: + **Phone Screen** - 30 minutes w/ Talent Acquisition + **Virtual Video Interview** - 30 minutes w/ Hiring Manager + **Panel Interview** **(Virtual via Microsoft Teams or In Person)** - 45 minutes w/ Business Partners + **Final Interview** **(Virtual via Microsoft Teams or In Person)** - 30 minutes w/ Hiring Manager Job Responsibilities: Cloud Security Architecture and Engineering + Design, engineer, and enhance the security architecture of the organization’s cloud environment as well as networking, local infrastructure, applications, and operational technologies. + Implement and leverage AWS-native security architectures including IAM, KMS, ACM, VPC, CloudTrail, Security Hub, GuardDuty, Macie, Detective, Security Lake, and Control Tower + Support the re-architecture and migration of Azure workloads to AWS. + Design and enforce Zero Trust security models to ensure protection of cloud and hybrid environments. Integration and Collaboration + Integrate AWS with enterprise security solutions including Zscaler, Splunk, and BeyondTrust + Collaborate with DevOps and cloud infrastructure teams to integrate security into DevOps pipelines with automation for exposure management, code scanning, and compliance validation. + Define and implement identity and access management (IAM) strategies, including federation, least privilege, just in time access, identity governance, and Zero Trust principles. Integrate with multiple IdPs including Entra ID and SAP IAS. Governance, Risk and Compliance (GRC) + Establish governance, risk, and compliance (GRC) frameworks for cloud adoption, including policy-as-code and automated compliance monitoring following industry best practices and standards. + Develop templates, accelerators, and reusable security artifacts that improve time-to-value and support consistent governance processes for IT and the business. + Stay current with AWS service releases, regulatory changes, and emerging cyber risks to provide risk management guidance. Response and Leadership + Support incident response and forensics in cloud environments with both native logging and detection capabilities and SIEM. + Provide thought leadership via security workshops, executive briefings, and architecture reviews. Other duties, as assigned by the jobholder’s supervisor, may also be required. Minimum Qualifications: + Bachelor's degree in computer science, information systems, or information technology, or equivalent work experience. + Minimum 10 years of IT Security experience, with 5 years focused on AWS architecture + AWS Solutions Architect – Associate Certification + CISSP Certification + Deep expertise in AWS-native and third-party security tools + Strong understanding of cloud governance, infrastructure as code (IaC), encryption, networking, and identity management. + Strone experience with Snowflake and S/4HANA + Hands-on scripting and automation (Python, Terraform) + Strong experience with Splunk + Experience with multi-cloud environments (AWS, Azure, M635) + Strong writing and communication skills across technical and executive audiences + Ability to multi-task, work independently and/or within a team, pay attention to detail and meet deadlines. + Utilize sound judgement, business acumen and problem-solving skills and ability to work in fast-paced, high-volume, team environment. Preferred Qualifications: + AWS Solutions Architect – Professional Certification + CCSP Certification + Master’s degree Physical Requirements: + While performing the duties of this job, the employee is required to remain in a stationary position at times; communicate, and operate a computer and telephone + . Competencies: + May help coordinate the work of junior members of the team. + Resolves issues which are often varied and non-routine. Undertakes analysis and investigation to solve issues. _This job description is only a summary of the typical functions of this position, not an exhaustive or comprehensive list of all possible job responsibilities, tasks and duties. Responsibilities, tasks, and duties of individual jobholders may vary from the above description._ _._ _Salary and Benefit Statement:_ Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant’s skills and prior relevant experience. Annual Salary Range: $126,000.00 - $157,500.00 This position is eligible for health care benefits, life insurance, time off benefits and participation in the Company’s 401(k) plan - Breakthru Beverage Group is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information and other legally protected characteristics. The EEO is the Law poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf) . If you need a reasonable accommodation because of a disability for any part of the employment process, please call (708) 298-3536 and let us know the nature of your request and your contact information. 
 
 
-