Eclaro
Sr. Cloud Security Architect
Eclaro, Oakland, California, United States, 94616
Senior Cloud Security ArchitectJob Number: 24-02214
Use your skills where innovative technology solutions begin. ECLARO is looking for a
Senior Cloud Security Architect
for our client in
Oakland, CA.
ECLARO's client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you're up to the challenge, then take a chance at this rewarding opportunity!
Project Overview:The project aims to enhance the cloud security posture of Company by designing, implementing, and optimizing security controls and architecture within Microsoft Azure.The Senior Cloud Security Architect will focus on aligning cloud security strategies with industry best practices, compliance requirements, and organizational objectives.Additionally, this engagement includes training Company's current staff on Azure security best practices, tools, and processes, along with thorough documentation of all work performed.Scope of Work: The Senior Cloud Security Architect will provide 960 hours of services over the course of this engagement.Pay Rate:
85.00-90.00$/Hour
Responsibilities:
Security Assessment and Strategy Development:
Current State Analysis: Conduct a comprehensive security assessment of the existing Azure environment, including identity and access management, network security, data protection, and monitoring.Risk Assessment: Identify potential security risks, vulnerabilities, and gaps in the existing setup.Security Strategy Development: Develop a cloud security strategy that aligns with the organization's business objectives and compliance requirements (e.g., GDPR, HIPAA).
Security Architecture Design:
Architecture Blueprint: Design a scalable and robust security architecture for the Azure environment, including identity management, network segmentation, data encryption, and logging/monitoring solutions.Security Controls: Define and implement security controls that mitigate identified risks, including Azure-specific security services such as Azure Security Center, Azure Policy, Azure Blueprints, and Azure Sentinel.Integration Planning: Develop an integration plan for security tools and technologies, ensuring seamless interaction with existing on-premises and cloud resources.
Implementation and Configuration:
Azure Security Configuration: Configure and deploy security features and tools within Azure, including Azure Active Directory (AAD), Multi-Factor Authentication (MFA), Azure Key Vault, and Network Security Groups (NSGs).Automation and DevSecOps: Implement automation scripts and templates (e.g., ARM templates, Terraform) for security configurations and integrations.Incident Response Setup: Design and implement an incident response plan within Azure, including configuring alerts, logging, and automated responses to security incidents.
Compliance and Governance:
Compliance Alignment: Ensure that the Azure environment adheres to relevant regulatory requirements and industry standards (e.g., CIS Benchmarks, NIST).Governance Framework: Establish a governance framework for continuous compliance monitoring, reporting, and policy enforcement using Azure Policy and Azure Blueprints.Documentation: Develop and maintain detailed documentation of the security architecture, configurations, and governance processes.
Training and Knowledge Transfer:
Staff Training Program: Develop and execute a training program tailored to the needs of Company's staff. This will include:
Azure Security Fundamentals: Training on the basics of Azure security tools, best practices, and common configurations.Advanced Security Topics: In-depth sessions on identity management, threat protection, compliance, and monitoring within Azure.Hands-On Workshops: Practical workshops where staff will configure and manage security tools within the Azure environment under the guidance of the consultant.Training Materials: Provide comprehensive training materials, including presentations, manuals, and video tutorials that Company staff can refer to after the engagement.Documentation Handover: Deliver detailed documentation on all work performed, including architecture designs, configurations, policies, and processes, ensuring that Company staff can maintain and expand upon the implemented solutions independently.
Project Timeline and Milestones:
Kickoff Meeting: Week 1Security Assessment Completion: Week 6Strategy Development and Review: Week 8Security Architecture Design Approval: Week 12Implementation and Configuration: Weeks 13-36Compliance and Governance Framework Setup: Week 40Training Program Execution: Weeks 41-46Final Review and Knowledge Transfer: Week 47Project Closure: Week 48
Resource Requirements:
Personnel: Senior Cloud Security Architect with expertise in Azure.Tools: Access to Azure environments, security tools, and necessary licenses.Client Resources: Availability of key stakeholders for interviews, reviews, and approvals.
Deliverables:
Security Assessment ReportCloud Security Strategy DocumentSecurity Architecture BlueprintImplementation Plan and ConfigurationsCompliance and Governance FrameworkTraining Materials and SessionsFinal Project Documentation
Assumptions and Constraints:
Assumptions:
Company will provide necessary access to Azure environments and resources in a timely manner.Any required third-party tools and services will be procured by Company
Project Management and Reporting:
Weekly Status Reports: Updates on progress, risks, and any issues encountered.Bi-weekly Review Meetings: Review progress and adjust plans as necessary.
If hired, you will enjoy the following ECLARO
Benefits:
401k Retirement Savings Plan administered by Merrill LynchCommuter Check Pretax Commuter BenefitsEligibility to purchase Medical, Dental & Vision Insurance through ECLARO
If interested, you may contact:Jeanine Hastingsjeanine.hastings@eclaro.com646-755-9303Jeanine Hastings | LinkedIn
Equal Opportunity Employer:
ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
Use your skills where innovative technology solutions begin. ECLARO is looking for a
Senior Cloud Security Architect
for our client in
Oakland, CA.
ECLARO's client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you're up to the challenge, then take a chance at this rewarding opportunity!
Project Overview:The project aims to enhance the cloud security posture of Company by designing, implementing, and optimizing security controls and architecture within Microsoft Azure.The Senior Cloud Security Architect will focus on aligning cloud security strategies with industry best practices, compliance requirements, and organizational objectives.Additionally, this engagement includes training Company's current staff on Azure security best practices, tools, and processes, along with thorough documentation of all work performed.Scope of Work: The Senior Cloud Security Architect will provide 960 hours of services over the course of this engagement.Pay Rate:
85.00-90.00$/Hour
Responsibilities:
Security Assessment and Strategy Development:
Current State Analysis: Conduct a comprehensive security assessment of the existing Azure environment, including identity and access management, network security, data protection, and monitoring.Risk Assessment: Identify potential security risks, vulnerabilities, and gaps in the existing setup.Security Strategy Development: Develop a cloud security strategy that aligns with the organization's business objectives and compliance requirements (e.g., GDPR, HIPAA).
Security Architecture Design:
Architecture Blueprint: Design a scalable and robust security architecture for the Azure environment, including identity management, network segmentation, data encryption, and logging/monitoring solutions.Security Controls: Define and implement security controls that mitigate identified risks, including Azure-specific security services such as Azure Security Center, Azure Policy, Azure Blueprints, and Azure Sentinel.Integration Planning: Develop an integration plan for security tools and technologies, ensuring seamless interaction with existing on-premises and cloud resources.
Implementation and Configuration:
Azure Security Configuration: Configure and deploy security features and tools within Azure, including Azure Active Directory (AAD), Multi-Factor Authentication (MFA), Azure Key Vault, and Network Security Groups (NSGs).Automation and DevSecOps: Implement automation scripts and templates (e.g., ARM templates, Terraform) for security configurations and integrations.Incident Response Setup: Design and implement an incident response plan within Azure, including configuring alerts, logging, and automated responses to security incidents.
Compliance and Governance:
Compliance Alignment: Ensure that the Azure environment adheres to relevant regulatory requirements and industry standards (e.g., CIS Benchmarks, NIST).Governance Framework: Establish a governance framework for continuous compliance monitoring, reporting, and policy enforcement using Azure Policy and Azure Blueprints.Documentation: Develop and maintain detailed documentation of the security architecture, configurations, and governance processes.
Training and Knowledge Transfer:
Staff Training Program: Develop and execute a training program tailored to the needs of Company's staff. This will include:
Azure Security Fundamentals: Training on the basics of Azure security tools, best practices, and common configurations.Advanced Security Topics: In-depth sessions on identity management, threat protection, compliance, and monitoring within Azure.Hands-On Workshops: Practical workshops where staff will configure and manage security tools within the Azure environment under the guidance of the consultant.Training Materials: Provide comprehensive training materials, including presentations, manuals, and video tutorials that Company staff can refer to after the engagement.Documentation Handover: Deliver detailed documentation on all work performed, including architecture designs, configurations, policies, and processes, ensuring that Company staff can maintain and expand upon the implemented solutions independently.
Project Timeline and Milestones:
Kickoff Meeting: Week 1Security Assessment Completion: Week 6Strategy Development and Review: Week 8Security Architecture Design Approval: Week 12Implementation and Configuration: Weeks 13-36Compliance and Governance Framework Setup: Week 40Training Program Execution: Weeks 41-46Final Review and Knowledge Transfer: Week 47Project Closure: Week 48
Resource Requirements:
Personnel: Senior Cloud Security Architect with expertise in Azure.Tools: Access to Azure environments, security tools, and necessary licenses.Client Resources: Availability of key stakeholders for interviews, reviews, and approvals.
Deliverables:
Security Assessment ReportCloud Security Strategy DocumentSecurity Architecture BlueprintImplementation Plan and ConfigurationsCompliance and Governance FrameworkTraining Materials and SessionsFinal Project Documentation
Assumptions and Constraints:
Assumptions:
Company will provide necessary access to Azure environments and resources in a timely manner.Any required third-party tools and services will be procured by Company
Project Management and Reporting:
Weekly Status Reports: Updates on progress, risks, and any issues encountered.Bi-weekly Review Meetings: Review progress and adjust plans as necessary.
If hired, you will enjoy the following ECLARO
Benefits:
401k Retirement Savings Plan administered by Merrill LynchCommuter Check Pretax Commuter BenefitsEligibility to purchase Medical, Dental & Vision Insurance through ECLARO
If interested, you may contact:Jeanine Hastingsjeanine.hastings@eclaro.com646-755-9303Jeanine Hastings | LinkedIn
Equal Opportunity Employer:
ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.