Cloud Security Architect

Company Description

Nexthink is the global leader in digital employee experience management. Our products allow enterprises to create highly productive digital workplaces for their employees by delivering optimal end-user experiences. Through a unique combination of real-time analytics, automation and employee feedback, Nexthink gives IT teams the insight they need to empower people at work.

Headquartered in Switzerland with US headquarters in Boston, Nexthink also has offices in France, UK, Germany, Spain and UAE. Our growing team of Nexthinkers is proud to be making the digital work lives of nearly ten million employees across 1,000 customers more productive.

At Nexthink, we believe actions are stronger than words when it comes to diversity, inclusivity, and equity in the workplace. Nexthinkers are multinational and multilingual, and come from all walks of life. We are committed to hiring a genuinely representative workforce that can create solutions and foster innovation for the modern digital employee experience. Join us today!

Job Description

As a scale-up experiencing rapid growth, we are seeking a passionate and talented Cloud Security Architect to join our dynamic Security team. In this role, you will be responsible for the security hardening and architecture of our cloud infrastructure, ensuring the availability, performance, and security of our SaaS offering.

What you'll do:

• As a core member of the Cloud Security team, you will have a significant input in defining the direction and goals of the Cloud program.
• Design, implement, and maintain a secure and scalable cloud infrastructure on AWS considering both cloud environment and applications.
• Design and implement security controls to safeguard cloud resources, including data storage, networking, computing and identity and access management.
• Develop and maintain incident response plans specific to cloud environments.
• Respond to security incidents and provide post-event analyses.
• Proactively identify and mitigate security risks in our cloud environment, conducting regular security assessments and vulnerability scans, leveraging tools like CNAPP.
• Collaborate with SRE and operations teams to ensure the secure deployment and operation of our applications and services.
• Automate security controls and processes to improve efficiency and reduce human error.
• Stay current with the latest cloud security threats, vulnerabilities, and industry best practices.
• Contribute to the development and implementation of our cloud security strategy.
• Work closely with other Engineering teams to understand their requirements and ensure security measures align with overall business objectives. 
• Manage security tools, systems, and services (SIEM, EDR, etc.), develop and maintain metrics for performance and risk monitoring.
• Maintain and contribute to our cloud security training program for engineering teams.

Qualifications

What you'll need:

• 7+ years of hands-on experience in designing, building, and securing cloud infrastructure on AWS, with a deep understanding of AWS security services and best practices.
• Strong hands-on experience with Kubernetes, containerization technologies, and infrastructure-as-code tools (e.g., Terraform, Terragrunt, Ansible, Crossplane).
• Expertise in network security, including firewalls, VPNs, and intrusion detection systems.
• Solid understanding of identity and access management (IAM) principles and best practices.
• Experience with security automation and DevSecOps practices.
• Excellent problem-solving and troubleshooting skills with attention to detail.
• You are motivated by solving complex problems and building secure, resilient systems.
• You are a strong advocate for security best practices and can effectively communicate complex security concepts to technical and non-technical audiences.
• You are a constant learner and thrive in a fast-paced, dynamic environment.
• You possess Strong communication and collaboration skills, and you are a team player with a proactive approach.
• Strong communication and collaboration skills.
• Fluent in English, both written and spoken.

Bonus points:

• Experience with other cloud platforms (e.g., Azure).
• Proficiency in Python, Golang. JavaScript/TypeScript is a plus.
• Experience with compliance standard, especially FedRamp and SOC2.
• Knowledge of security standards and frameworks such as CIS Benchmarks, NIST, and ISO 27001.
• Experience with security monitoring and incident response.

Additional Information

We are the pioneers and trailblazers of a global IT Market Category (DEX) that is shaping the future of how the world works, giving our customers’ IT Teams total digital visibility across their enterprise. Our innovative solutions integrate real-time analytics, automation, and employee feedback across all endpoints. This enables our IT teams to solve complex technical challenges, create ever more productive workplaces, and deliver happy, satisfied employees in the digital workplace.

With over 1000 employees across 5 continents, Nexthink operates as One Team, connecting, collaborating and innovating to continuously grow. We call our employees ‘Nexthinkers’ and our commitment to diversity, inclusion, and equity is second to none. We currently have over 75 nationalities working with us, from all cultures and backgrounds, speaking many different languages.

If you are looking for a change and like a nice atmosphere, lots of challenges, and having fun while working, this is a great opportunity for you! Check what we offer:

• 💼 Permanent Contract and a competitive compensation package (Stock Options also included).
• 📍 Amazing centrally located offices near the Bernabeu Stadium.
• 🩺 Private Health Insurance (Sanitas) and daily meal vouchers of 11 EUR will be entirely covered by us.
• 🏡 Hybrid work model balancing office and remote work, with a structured approach for new hires to foster connections and onboarding.
•  🏖️ Flexible Hours and unlimited vacation (employees have unlimited paid time off on top of the 23 days of holidays we offer) plus 3 company-paid volunteer days.
• 🤸 Up to 25 EUR per month for a gym subscription.
• 🛴 Flexible retribution plan for kindergarten & transport tickets. 
• 🧑‍🏫 Reimbursement of up to 50% of the cost of English & Spanish classes.
• 🍉 Fresh fruit, cookies, and occasionally some soft drinks as well. 
• 🍕 Regular company and team events like Pizza talks, Team Building activities, Christmas parties, hosting Meetups at the office and more!
• 📣  Bonuses for referring successful hires after three months of continuous employment.
• 🚚 We offer a relocation package to people who are coming from another country.

Please note that not all the benefits listed above are available for temporary, contract, and internship roles. To ensure you have the most up-to-date information, we recommend checking with your Recruitment Partner.