AWS Cloud Security Architect- Remote (Anywhere in the U.S.)

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

We are seeking a highly skilled Cloud Security Architect with deep expertise in AWS to lead the design, assessment, and governance of secure cloud environments for our clients. This role is central to delivering security consulting engagements, including architecture design, risk assessments, compliance mapping, and cloud-native control implementation. The ideal candidate will combine technical excellence in AWS and multi-cloud platforms with strong client advisory skills, helping organizations enhance their security posture, implement scalable guardrails, and adopt modern DevSecOps and CNAPP practices. This position also involves mentoring junior staff, contributing to internal methodologies, and supporting pre-sales and solutioning efforts within a fast-growing consultancy environment.

Roles and Responsibilities:

• Design secure cloud architectures and reference models for AWS and multi-cloud environments
• Conduct in-depth cloud security assessments to identify security misconfigurations, architecture and cloud operations risks, and compliance gaps
• Advise clients on AWS identity and access management strategies including IAM roles, policies, federation, and ABAC/RBAC models
• Develop and implement cloud governance strategies including tagging taxonomies, policy enforcement with SCPs, RCPs, DPs, and Policy as Code patterns
• Perform threat modeling and risk assessments for cloud-native applications and workloads
• Guide secure implementation of Infrastructure as Code with Terraform, CloudFormation, and AWS CDK
• Integrate security controls into client CI/CD pipelines and DevOps workflows
• Understanding of CNAPP (CSPM, CIEM, and CWPP) tooling and how it may supplement and/or replace cloud-native solutions
• Work with internal pre-sales teams in identifying use-cases and opportunities for third-party security tooling (e.g., CNAPP, Secrets Management, data security, cloud detection and response, NHI, etc.)
• Map cloud security controls to regulatory frameworks like PCI, SOC 2, HITRUST, NIST, ISO 27001, etc.
• Assist clients with continuous compliance and audit readiness in cloud environments
• Prepare and present client deliverables such as security roadmaps, process improvements, gap analyses, architecture diagrams, cloud security strategies, and custom deliverables based on the needs of the client
• Lead AWS security workshops, technical interviews, and stakeholder briefings
• Contribute to internal methodologies, templates, and reusable assessment frameworks
• Mentor junior consultants and support knowledge sharing within the consultancy
• Assist with scoping and pre-sales activities including proposals and statements of work (SOWs)

Experience & Technical Proficiency

• Minimum of 5 years of designing AWS architecture and operating AWS workloads in medium to large AWS environments
• AWS knowledge must include networking, data security, identity and access management, and automation, and extensive hands-on with Amazon’s cloud-native security tooling services
• Strong knowledge of IAM patterns (RBAC, ABAC), federated access, permission boundaries, SCPs, and RCPs
• Proficiency in Infrastructure as Code (Terraform, CloudFormation) and secure coding practices
• Experience with CIEM, CSPM, or CWPP tools
• Skilled in threat modeling, risk analysis, and mapping controls to frameworks (e.g., NIST, CIS, MITRE ATT&CK)
• Development knowledge or experience with Infrastructure as Code (IaC), such as Terraform, CloudFormation, or CDK
• Working knowledge with the Cloud Security Alliance (CSA) Cloud Control Matrix (CCM)
• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines
• Scripting or automation skills (e.g., Python, Bash, or PowerShell)

Leadership and Collaboration

• Ability to lead technical workshops, discovery sessions, and architecture reviews with clients
• Comfortable advising both technical and non-technical stakeholders on cloud security strategy
• Skilled in producing high-quality deliverables and communicating complex concepts clearly
• Experience mentoring junior staff or guiding cross-functional teams on cloud security best practices
• Collaborative mindset with a strong consulting presence and client service orientation

Education & Certifications

• Bachelor’s or equivalent experience in Cybersecurity, Computer Science, Engineering, or related field.
• Preferred certifications:
  • CISSP, CCSP, CCSK
  • AWS Cloud certifications: AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional
  • Other CSP Certifications: Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer
• Ongoing commitment to professional development and staying current with cloud and security trends and certifications.

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application.

Why GuidePoint?

GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.  

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option