Principal Cloud Security Architect

Requirements

• Deep technical expert in AWS and GCP security, specializing in cloud-native security architecture, security automation, API security, WAF, CNAPP, and DevSecOps.
• Develop and enforce secure-by-design principles for cloud-native applications on AWS and GCP.
• Embed security into DevSecOps pipelines, ensuring early detection of vulnerabilities (Shift Left).
• Architect zero-trust security models for cloud services, APIs, and microservices.
• Implement automated security testing in CI/CD pipelines to ensure infrastructure-as-code (IaC) security compliance using Terraform, CloudFormation, and Kubernetes (EKS/GKE).
• Drive container security best practices in Kubernetes (EKS/GKE) and serverless security for Lambda and Cloud Functions.
• Architect API security frameworks for high-traffic sports betting and gaming applications.
• Design and enforce strong authentication, tokenization, and API gateway security.
• Deploy advanced AWS WAF, Google Cloud Armor, and API security solutions to detect and mitigate abuse, fraud, and bot traffic.
• Enhance cloud-native detection and response capabilities for fraud, arbitrage betting, identity abuse, and payment security.
• Implement behavioral analytics and ML-driven security detection to combat fraud, money laundering, and account takeovers.
• Work closely with AWS and GCP security teams to enhance cloud-native incident response capabilities.
• Ensure cloud security architecture aligns with PCI-DSS, ISO 27001, NIST, and gaming compliance regulations.
• Partner with fraud, legal, and compliance teams to enforce AML (Anti-Money Laundering) and KYC (Know Your Customer) security measures.
• Automate compliance monitoring across AWS and GCP environments.