Cloud Security Architect

Cloud Security Architect

Who We Are Looking For

State Street Alpha is seeking a mid-level cloud security architect to ensure that cloud security, operations, IAM, and infrastructure designs meet security, regulatory and compliance requirements. This role sits within the Operational Governance and Compliance (OGC) team under CRD/Alpha Cloud Enablement and Platform Governance, focusing on cloud operations, cloud security posture, governance automation, issues management, and regulatory alignment across Azure and AWS environments.

This is an excellent opportunity for to work at the intersection of cloud architecture, regulatory compliance, and governance automation, ensuring that CRD/Alphas cloud-first strategy remains compliant with industry and global regulations.

Why This Role is Important

As part of Charles River Development (CRD) / State Street Alpha, this role will help define and implement cloud-native governance frameworks that meet compliance mandates from regulatory bodies. This role will assist team members in driving reusable patterns and governance frameworks to ensure secure, compliant, and scalable cloud adoption in a highly regulated financial services environment.

What You Will Be Responsible For

Cloud Governance & Regulatory Compliance Oversight

• Ensure cloud governance frameworks align with industry and enterprise security frameworks and policies.
• Review cloud infrastructure and application architecture for adherence to compliance and regulatory standards.
• Provide governance oversight of all operational activities and projects, ensuring compliance with regulatory and operational governance standards.
• Document governance frameworks and controls to support regulatory audits and assessments.
  
• Interface with internal audit and Office of COO Project Managers to help provide compliance evidence and documentation for all cloud operational activities.

Governance Automation & Compliance Controls

• Develop and implement governance automation solutions to enforce compliance at scale.
• Support continuous monitoring frameworks to proactively detect non-compliance in cloud deployments.

Cloud Security Posture and Vulnerability Management

• Conduct periodic compliance assessments on cloud security posture across Azure and AWS
• Provide governance oversight of Vulnerability Management by interfacing with SRE (Site Reliability Engineering) and BRM (Business Risk Management) teams.
• Periodically review and assess container vulnerability reports for any compliance violations with a call to action where necessary.

What We Value

• Knowledge of cloud and platform governance, compliance, and regulatory frameworks such as (but not limited to) NIST, CIS, SOC-2, DORA, GDPR, CCPA
• Ability to align cloud security and operations strategies with financial services regulations.

Looking to get Placed? Try our Placement Guarantee Plan

Get Hired
• Experience with Cloud native and Cloud Agnostic governance and compliance tools (e.g., Azure Policy, AWS Config, Jupiter One).
• Knowledge of financial services industry regulations impacting cloud adoption and platform architecture.
• Experienced in using Risk Management Framework tools such as Archer for issues and controls management
• Strong communication skills and ability to conduct meetings with cross functional teams involving Information Security Officers, Platform Engineers, Compliance teams, and Business Risk Managers in addition to product engineers and heads.
• Strong technical writing and documentation skills for regulatory frameworks and audit reporting.