Senior Cloud Security Architect (Azure + AWS)

Location: Remote

Engagement: Contract / Project-Based

Experience: 8+ Years in Cloud Security

Work Timings: Overlapping few hours with California Time Zone

About the Role

We are looking for an experienced Senior Cloud Security Architect with strong hands-on expertise in Azure Policy (JSON), KQL, Microsoft Defender for Cloud (CSPM + CWPP) and cross-cloud security governance.

The role involves converting paper-based security policies into measurable, enforceable technical controls across Azure and AWS, aligned with the Microsoft Cloud Security Benchmark (MCSB).

Key Responsibilities

* Translate existing paper policies into actionable, technical security controls across Azure and AWS.

* Develop, validate, and operationalize 800+ Azure Policy controls using JSON.

* Build Defender for Cloud Custom Security Standards & Recommendations for AWS using KQL.

* Implement Microsoft Cloud Security Benchmark (MCSB) aligned guardrails.

* Lead unified cloud posture monitoring across Azure and AWS using Microsoft Defender for Cloud.

* Provide guided remediation strategies leveraging Azure native and AWS native controls.

* Document exceptions, deviations, and approval workflows.

* Build evidence collection mechanisms and dashboards showcasing compliance posture.

* Work closely with internal teams to standardize Policy-as-Code implementation.

Required Skills & Expertise

Cloud Security & Governance

* Strong experience with Microsoft Defender for Cloud (CSPM + CWPP)

* Deep understanding of Azure Policy and custom policy authoring (JSON)

* Hands-on KQL experience for security standards & evidence generation

* Experience with AWS Security Hub, Config, IAM, GuardDuty

* Strong understanding of cloud security frameworks (MCSB, CIS, NIST 800-53, ISO 27001)

TechnicalSkill

* Azure Policy-as-Code implementation

* Cross-cloud security posture management (Azure + AWS)

* KQL for custom security insights

* JSON-based guardrails & automation

* Familiarity with Terraform/Bicep/ARM (nice to have)

Nice to Have

* Experience building cloud landing zones with security guardrails

* Previous consulting or enterprise architecture experience

* Certifications preferred:

* AZ-500, SC-100, SC-200

* AWS Security Specialty

* CISSP / CCSP

Who Should Apply

This role is ideal for senior professionals who have implemented cloud security baselines at enterprise scale and can bridge governance, architecture, and hands-on engineering.