Role Summary

The Cloud Security & Compliance Architect designs and governs security and compliance across hybrid environments, including AWS, Azure, and on-premise infrastructure.
This role ensures consistent security controls, regulatory compliance, and risk management across hybrid infrastructure platforms while enabling teams to move fast and safely.

Key Responsibilities:
Hybrid Security Architecture

Design end-to-end security architectures spanning AWS, Azure, and on-premise platforms
Define security standards for identity, networking, encryption, logging, and protection across hybrid environment
Ensure secure connectivity (VPN, ExpressRoute, Direct Connect) between cloud and on-prem systems
Review architecture and designs for security risks and compliance alignment

Identity & Access Management

Architect unified identity strategies (Azure AD / Entra ID, AD, IAM)
Implement least-privilege access, RBAC, and privileged access management
Integrate SSO and MFA across cloud and on-prem platforms

Compliance & Risk Management

Translate regulatory and internal requirements (ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, NIST) into technical controls
Lead hybrid cloud audits, risk assessments, and evidence collection
Maintain control mappings across cloud and on-prem technologies
Partner with legal, privacy, and risk teams on compliance initiatives

DevSecOps & Automation

Embed security and compliance controls into CI/CD pipelines
Promote infrastructure-as-code (Terraform, ARM/Bicep, CloudFormation) with security guardrails
Automate compliance monitoring, vulnerability management, and remediation
Integrate security tooling across cloud and on-prem platforms

Security Operations & Monitoring

Define centralized logging, monitoring, and alerting across hybrid environmet
Integrate SIEM/SOAR solutions for cloud and on-prem visibility
Support incident response, investigations, and root-cause analysis
Improve detection and response capabilities across platforms

Governance & Advisory

Establish hybrid cloud security governance, policies, and standarts
Act as a trusted advisor to engineering, infrastructure, and leadership teams
Evaluate and recommend cloud and hybrid security tools and vendors
Drive security awareness and best practices across teams

Required Qualifications:

8+ years of experience in security architecture, cloud security, or compliance
Hands-on experience securing AWS, Azure, and on-prem infrastructure
Strong knowledge of networking, IAM, encryption, and endpoint security
Experience with compliance frameworks and audits (ISO 27001, SOC 2, PCI DSS, HIPAA, NIST)
Experience with hybrid identity (AD, Entra ID), networking, and connectivity
Strong documentation and stakeholder communication skills

Preferred Qualifications:

Certifications: CISSP, CCSP, AWS Security Specialty, Azure Security Engineer
Experience with CSPM, SIEM, EDR, and vulnerability management tools
Knowledge of zero-trust and defense-in-depth architecture
Experience in highly regulated or enterprise environments

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Employment Type: Full Time

Alternative Locations: Spain : Madrid

Travel Percentage: 0 - 10%

Requisition ID: 19838

Cloud Security & Compliance Architect

Job Description

See Your Match Score

More jobs at Straumann Group

More jobs at Straumann Group