Trident Consulting is seeking a "Senior Cloud Security Architect" for one of our clients in "Oakland, CA ". A global leader in business and technology services
Position- Senior Cloud Security Architect
Location – Oakland, CA - Hybrid- 3 days onsite, 2 days remote
Mode – Contract - W2
Project Overview
The project aims to enhance the cloud security posture of Company by designing, implementing, and optimizing security controls and architecture within Microsoft Azure. The Senior Cloud Security Architect will focus on aligning cloud security strategies with industry best practices, compliance requirements, and organizational objectives. Additionally, this engagement includes training Company's current staff on Azure security best practices, tools, and processes, along with thorough documentation of all work performed.
Scope of Work
The Senior Cloud Security Architect will provide 960 hours of services over the course of this engagement.
The key deliverables and responsibilities include:
- 2.1. Security Assessment and Strategy Development
- Current State Analysis: Conduct a comprehensive security assessment of the existing Azure
- environment, including identity and access management, network security, data protection, and monitoring.
- Risk Assessment: Identify potential security risks, vulnerabilities, and gaps in the existing setup.
- Security Strategy Development: Develop a cloud security strategy that aligns with the organization's business objectives and compliance requirements (e.g., GDPR, HIPAA).
Security Architecture Design
- Architecture Blueprint: Design a scalable and robust security architecture for the Azure
- environment, including identity management, network segmentation, data encryption, and
- logging/monitoring solutions.
- Security Controls: Define and implement security controls that mitigate identified risks, including
- Azure-specific security services such as Azure Security Center, Azure Policy, Azure Blueprints, and Azure Sentinel.
- Integration Planning: Develop an integration plan for security tools and technologies, ensuring
- seamless interaction with existing on-premises and cloud resources.
Implementation and Configuration
- Azure Security Configuration: Configure and deploy security features and tools within Azure,
- including Azure Active Directory (AAD), Multi-Factor Authentication (MFA), Azure Key Vault, and Network Security Groups (NSGs).
- Automation and DevSecOps: Implement automation scripts and templates (e.g., ARM templates, Terraform) for security configurations and integrations.
- Incident Response Setup: Design and implement an incident response plan within Azure,
- including configuring alerts, logging, and automated responses to security incidents.
Compliance and Governance
- Compliance Alignment: Ensure that the Azure environment adheres to relevant regulatory
- requirements and industry standards (e.g., CIS Benchmarks, NIST).
- Governance Framework: Establish a governance framework for continuous compliance
- monitoring, reporting, and policy enforcement using Azure Policy and Azure Blueprints.
- Documentation: Develop and maintain detailed documentation of the security architecture,
- configurations, and governance processes.
Training and Knowledge Transfer
- Staff Training Program: Develop and execute a training program tailored to the needs of Company's staff. This will include:
- Azure Security Fundamentals: Training on the basics of Azure security tools, best practices, and common configurations.
- Advanced Security Topics: In-depth sessions on identity management, threat protection, compliance, and monitoring within Azure.
- Hands-On Workshops: Practical workshops where staff will configure and manage
- security tools within the Azure environment under the guidance of the consultant.
- Training Materials: Provide comprehensive training materials, including presentations, manuals, and video tutorials that Company staff can refer to after the engagement.
- Documentation Handover: Deliver detailed documentation on all work performed, including architecture designs, configurations, policies, and processes, ensuring that Company staff can maintain and expand upon the implemented solutions independently.
About Trident: Trident Consulting is an award-winning IT/engineering staffing company founded in 2005 and headquartered in San Ramon, CA. We specialize in placing high-quality vetted technology and engineering professionals in contract and full-time roles. Trident's commitment is to deliver the best and brightest individuals in the industry for our clients' toughest requirements.
Some of our recent awards include: 2022, 2021, 2020 Inc. 5000 fastest-growing private companies in America 2022, 2021 SF Business Times 100 fastest-growing private companies in Bay Area