• Senior Cloud Security Architect

    Ralliant (Raleigh, NC)


    Hybrid

    Position Overview:

    The Senior Cloud Security Architect is responsible for designing and implementing secure cloud architectures that protect enterprise workloads, data, and identities across multi-cloud environments. This role provides strategic and technical leadership in cloud security, driving adoption of zero-trust principles, secure-by-design architecture patterns, and automated security controls. The architect collaborates closely with engineering, security, DevOps, and compliance teams to evaluate risks, define standards, and ensure the organization’s cloud platforms are resilient, compliant, and capable of supporting rapid innovation.

    Key Responsibilities

    + Define and maintain the cloud security architecture, ensuring alignment with organizational goals, regulatory requirements, and industry best practices.

    + Develop secure reference architectures, patterns, and guardrails for cloud workloads, data services, and platform components.

    + Architect solutions that embed security controls across compute, storage, networking, identity, and application layers.

    + Lead cloud threat modeling, security design reviews, and architectural risk assessments for new and existing systems.

    + Design and implement identity-first security using platforms such as Azure AD/Entra ID, AWS IAM, or Okta.

    + Establish and enforce RBAC/ABAC models, privileged access policies, MFA enforcement, conditional access, and identity lifecycle automation.

    + Architect secure authentication and authorization integrations using OIDC, OAuth2, SAML, SCIM, and workload identities.

    + Champion zero-trust principles across cloud environments, applications, and distributed systems.

    + Embed security-by-default into CI/CD pipelines through automated SAST, SCA, IaC scanning, secrets detection, and container image scanning.

    + Partner with platform and DevOps teams to integrate policy-as-code (OPA, Azure Policy, Sentinel) to enforce compliance and prevent misconfigurations.

    + Guide teams in designing secure deployment patterns, secretless authentication, and automated vulnerability remediation workflows.

    + Promote DevSecOps culture through enablement, documentation, and best practices.

    + Develop cloud security standards, security baselines, and operational best practices across multi-cloud environments.

    + Implement and manage CSPM, CWPP, and CIEM tools to continuously improve cloud security posture and identity governance.

    + Support compliance initiatives (SOC2, HIPAA, PCI, ISO 27001, FedRAMP, etc.) through policy enforcement, evidence gathering, and architectural controls.

    + Track emerging cloud risks, threat vectors, and vulnerabilities to ensure proactive security hardening.

    + Architect secure network architectures leveraging segmentation, firewalls, private endpoints, WAF, DDoS protection, and service mesh solutions.

    + Implement encryption strategies, key management, secrets management, and secure data flow patterns.

    + Work with SRE and security operations to design logging, telemetry, and cloud-native monitoring systems for threat detection and incident response.

    + Serve as the primary cloud security expert, advising engineers, architects, and leadership on risk, design decisions, and strategic initiatives.

    + Lead security design workshops and architecture review boards for major cloud projects.

    + Mentor engineering teams and foster a security-first mindset across the organization.

    + Communicate complex security concepts clearly to both technical and non-technical stakeholders.

    Qualifications

    + 7–12+ years in cloud security, cloud architecture, cybersecurity engineering, or similar fields.

    + Deep expertise with at least one major cloud provider (Azure, AWS, or GCP), with strong understanding of native security services.

    + Hands-on experience with IAM, network security, encryption, security automation, and cloud-native architecture.

    + Strong proficiency with Infrastructure-as-Code and DevSecOps tooling (Terraform, CI/CD, security scanners, policy-as-code).

    + Experience implementing or supporting compliance frameworks (SOC2, HIPAA, PCI, ISO 27001, etc.).

    + Strong scripting/programming skills (Python, PowerShell, Bash, Go preferred).

    + Excellent communication, analytical, and leadership abilities.

    Preferred Qualifications:

    + Experience with **CrowdStrike, Palo Alto Networks, CyberArk or Zscaler** platforms a plus.

    + Microsoft and AWS certifications.

    + Exposure to detection and response workflows and security operations center processes.

    + Strong problem-solving ability, curiosity, and willingness to learn new tools and techniques.

    + Excellent verbal and written communication skills, with attention to detail in documentation.

    + API integrations, PowerShell, and/or Python competency are highly desirable.

     

    Ralliant Corporation Overview

     

    Ralliant, originally part of Fortive, now stands as a bold, independent public company driving innovation at the forefront of precision technology. With a global footprint and a legacy of excellence, we empower engineers to bring next-generation breakthroughs to life — faster, smarter, and more reliably. Our high-performance instruments, sensors, and subsystems fuel mission-critical advancements across industries, enabling real-world impact where it matters most. At Ralliant we’re building the future, together with those driven to push boundaries, solve complex problems, and leave a lasting mark on the world.

     

    We Are an Equal Opportunity Employer

     

    Ralliant Corporation and all Ralliant Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Ralliant and all Ralliant Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at [email protected].

     

    Bonus or Equity

     

    This position is also eligible for bonus as part of the total compensation package.

    Pay Range

    The salary range for this position (in local currency) is 126,700.00 - 235,300.00