Lead Cloud Security Architect

Job Summary

As a Lead Cloud Security Architect, you will be responsible for designing, implementing, and maintaining robust security measures to protect our cloud infrastructure and applications. You will lead a team of cloud security engineers, collaborate with cross-functional teams, and ensure that security is integrated into all aspects of the development lifecycle. Your expertise will help us stay ahead of emerging threats and continuously improve our security posture. 

Key Responibilities

• Build and deploy security capabilities designed to secure code and production infrastructure throughout the CI/CD pipeline as well as non-production and production environments. 

• Identify and prevent the introduction of high-risk vulnerabilities to the production environment. 

• Leverage static and dynamic code analysis to security assess application and infrastructure code. 

• Implement and operationalize the AWS Security Pillar of the AWS Well-Architected Framework. 

• Implement and operationalize the GCP Google Cloud Architecture Framework. 

• Define, build, and maintain Cloud Security Policies, Standards, and Procedures that meet or exceed all required regulatory requirements. 

• Evaluate, implement, and operationalize a CSPM, CWPP, CNAPP solutions across multi-cloud. 

• Design and implement a Multi-Cloud Security Strategy (primarily for AWS and GCP). 

• Introduce commercial and vetted open-source solutions to secure and continuously monitor AWS cloud infrastructure, services, and workloads. 

• Help the application delivery and DevOps team detect and fix security vulnerabilities. 

• Leverage Terraform to automatically configure and maintain AWS cloud native and third-party security solutions. 

• Implement a strong identity foundation through least privilege policies. 

• Enable traceability/observability. 

• Apply security at all layers from PoP to endpoint. 

• Automate security best practices for scale and cost effectiveness. 

• Protect data at rest and in transit with proper classifications. 

• Keep people away from data to reduce or eliminate direct access or manual processing of data. 

• Prepare for security events to occur and build capabilities for SOC to be able to detect, contain, eradicate, and recover. 

• Leverage Python or Go to automate security acceptance testing. 

• Harden server operating systems and containers. 

• Review and analyze security event logs to support security incident response efforts. 

• Author and communicate blameless postmortems. 

• Lead and mentor a team of cloud security engineers, providing guidance and support for their professional development. 

• Collaborate with cross-functional teams to ensure security is integrated into all aspects of the development lifecycle. 

• Stay up-to-date with the latest security trends, threats, and technology solutions to continuously improve the organization's security posture. 

Required Qualification & Skills

• 3+ years of work experience securing and monitoring CI/CD pipelines and AWS cloud infrastructure. 

• 5+ years of cloud experience in IT field. 

• 7+ years of Information Technology or Information Security experience. 

• Ability to write Lambda functions in Python or Go. 

• Strong command and understanding of AWS and GCP Security Reference Architecture (SRA). 

• Strong understanding of basic AWS cloud internetworking concepts. 

• Experience leveraging AWS security and compliance services such as IAM, AWS WAF, and more. 

• Experience securing Kubernetes, containers, and microservices. 

• Experience using Terraform to deploy security-oriented infrastructure and configure security services. 

• Proven leadership skills with the ability to manage and mentor a team. 

• Excellent communication and collaboration skills to work effectively with stakeholders at all levels. 

• Strong problem-solving skills and the ability to think critically and strategically. 

Preferred Qualification

• Experience with commercial cloud native application protection platforms such as Prisma Cloud. 

• Working knowledge of GitLab. 

• Desirable Certifications: AWS SysOps Administrator, AWS Certified Solutions Architect, AWS Certified Security Specialty, equivalent GCP, OSCP, GWEB, and GCSA.  

Why Join Us?

• Work on Cutting-edge security projects that shape enterprise cybersecurity strategy.
• Collaborate with industry-leading security professionals and executives.
• Opportunity to influence security programs across the entire Caesars Empire environments nationwide.

 

At Caesars Entertainment, Inc., our Team Members create the extraordinary. We are the largest casino-entertainment company in the U.S. and one of the world's most diversified casino-entertainment providers. Since beginning in Reno, Nevada, in 1937, Caesars Entertainment has grown through the development of new resorts, expansions and acquisitions. Our resorts operate primarily under the Caesars®, Harrah's®, Horseshoe® and Eldorado® brand names. We focus on building loyalty and value with our guests through a combination of impeccable service, operational excellence and technological leadership. The company is committed to its Team Members, suppliers, communities and the environment through its PEOPLE PLANET PLAY framework.  

Our Caesars family is driven by our Mission, Vision and Values. We take great pride in living these values – Together We Win, All In On Service and Blaze the Trail – every day. Our mission, “Create the Extraordinary”. Our vision, “Create spectacular worlds. That immerse, inspire and connect you. We don’t perform magic; we create it with excellence. #WeAreCaesars”.  If you are ready to create some magic, we invite you to explore our dynamic, yet unique, career opportunities.