About the Company:
Our client is a multinational power management company with 2021 sales of $19.63 billion, dedicated to improving the quality of life and protecting the environment.
About the Role:
Location: Hybrid, this position can be located in the following locations: Cleveland OH, Pittsburgh PA, Raleigh NC, Plymouth MN, Peachtree City GA, and Rockville MD.
Salary: $150K – $184K, plus bonus
As a Cloud Solution/Application Architect you will be responsible for driving divisions application security transformation into the cloud platforms. You will work with divisions to develop secure applications and software running on the cloud. You will help with secure design decisions, driving DevSecOps framework and governance and help guide other security engineers in this area. You will interface and lead in-depth technical security architecture discussion with Developers, Enterprise Security Architects, solution architects and potential external customers
In this role you will:
- Act as subject matter expert regarding cloud security, DevSecOps, and associated tools; providing guidance and recommendations to team members and senior leadership.
- Be defining, deploying, and maintaining cloud application security standards and cloud security testing standards for the company’s Digital products
- Assist in driving the strategic direction of the DevSecOps Program framework through partnerships with engineering, operations, IT and the business
- Assist in defining KPI’s for the Cloud Application Security and advance the Cloud Application Security Program maturity and DevSecOps program efficiencies.
- Define Threat modeling framework and risk analysis of cloud applications and back-end components and Perform Threat Modeling on complex Cloud application security.
- Identify and recommend compensating controls to reduce risk of specific vulnerabilities.
- Participate in the evaluation and selection of vendors, security tools, and risk reporting systems.
- Help build the DevSecOps capabilities across Eaton through Training and development of new course content
- Create thorough documentation of solutions and best practices, developing knowledge base for use by the team members
- Research industry trends and new technologies; implementing new procedures as needed to improve cloud security infrastructure
- Experience handling diverse IT / Cloud environments (Azure, AWS, GCP, etc.) within a Multi-national large-scale Enterprise is highly preferred.
- Technical Certifications related to Cloud Security (e.g., Azure, Amazon Web Services, Google, security certifications) like CCSP, OSCP, GPCS, GCPN, GCSA.
- Experience implementing compliance framework such as CIS Benchmarks, CSA Cloud Controls Matrix(CCM 4.0) and NIST CSF
- Experience in designing a Zero Trust strategy and architecture
- Experience in developing & deploying Governance Risk Compliance (GRC) technical strategies and security operations strategies