Dice is the leading career destination for tech experts at every stage of their careers. Our client, USG, Inc., is seeking the following. Apply via Dice today! **Cloud Security Architect** **Client:** **Ohio Department of Job and Family Services (JFS / ODJFS)** **Location: Columbus OH, Remote** In person interviews Candidates local to Columbus preferred Remote - in person for meetings as needed **Role Overview** The **Cloud Security Architect** will be responsible for establishing and operationalizing a **Cloud Security Architecture Program** within ODJFS. Working closely with the **IT Governance and Risk Management Office** , this role will lead the design, implementation, and governance of cloud security controls, tools, policies, and standards across cloud environments. **Key Responsibilities** - Lead evaluation, selection, and implementation of cloud security detection and monitoring tools (e.g., Microsoft Defender for Cloud, Defender for Identity) - Ensure cloud workloads and servers are securely configured and continuously monitored - Partner with DAS teams on implementation and rollout - Design and govern security for: - Cloud workloads - Containers and orchestration platforms (Docker, Kubernetes) - Integrate Cloud Security Architecture into DevSecOps / DevOps programs - Review and update cloud security policies, standards, and SOPs - Review project solutions for cloud security compliance - Participate in project teams to provide cloud security guidance - Train security team members on tools, processes, and best practices - Ensure effective knowledge transfer **Mandatory Skills & Experience Cloud Platforms** - Deep understanding of AWS, Azure, and/or Google Cloud Platform (Google Cloud Platform) - Experience with cloud-native services: - IAM - VPC / VNET - KMS - Security Groups / NSGs - Minimum 3 years experience as a cloud security practitioner **Security Architecture & Design** - Designing secure cloud architectures - Applying Zero Trust principles - Strong understanding of shared responsibility models **Identity & Access Management (IAM)** - Role-Based Access Control (RBAC) - Single Sign-On (SSO), MFA, federated identity - Privileged Access Management (PAM) **Network Security** - Firewalls, VPNs, segmentation, secure connectivity - Cloud-native network security controls **Data Protection** - Encryption at rest and in transit - Key management (KMS, HSM) - Data classification and Data Loss Prevention (DLP) **Compliance & Governance** - Experience with standards and frameworks: - NIST, CIS, ISO 27001, SOC 2, HIPAA, GDPR - Policy-as-code concepts (OPA, Sentinel, or similar) **DevSecOps & Automation** - Integrating security into CI/CD pipelines - Infrastructure as Code (IaC) security: - Terraform - CloudFormation - Security scanning tools: - Snyk - Checkov **Threat Modeling & Risk** - Identifying and mitigating cloud-specific threats - Experience using: - STRIDE - MITRE ATT&CK for Cloud **Desired Certifications** - Certified Cloud Security Professional (CCSP) - AWS Certified Security Specialty - Microsoft Certified: Azure Security Engineer Associate - Google Professional Cloud Security Engineer - CISSP **Experience Summary** - Minimum: 3 years of hands-on cloud security experience - Demonstrated thought leadership in AWS, Azure, or Google Cloud Platform security architecture eye