Principal Cloud Security Architect

Job Summary

Caesars Entertainment is seeking a Principal Cloud Security Architect to drive secure cloud architecture across AWS and GCP, ensuring security is integrated from code to cloud for Caesars Sportsbook, iGaming, and digital platforms. This role will embed security early in development (Shift Left) while enabling innovation at scale in highly regulated, high-traffic cloud environments.

The ideal candidate is a deep technical expert in AWS and GCP security, specializing in cloud-native security architecture, security automation, API security, WAF, CNAPP, and DevSecOps. This position will partner with engineering, fraud, and risk teams to develop defenses against fraud, cheating, and money laundering in sports betting and online gaming.

Key Responsibilities

• Develop and enforce secure-by-design principles for cloud-native applications on AWS and GCP.
• Embed security into DevSecOps pipelines, ensuring early detection of vulnerabilities (Shift Left).
• Architect zero-trust security models for cloud services, APIs, and microservices.
• Multi-Cloud Security Engineering & Automation
• Lead the deployment of AWS and GCP security services, including GuardDuty, Security Hub, IAM, WAF, Shield, Macie (AWS) and Security Command Center, IAM, and others.
• Implement automated security testing in CI/CD pipelines to ensure infrastructure-as-code (IaC) security compliance using Terraform, CloudFormation, and Kubernetes (EKS/GKE).
• Drive container security best practices in Kubernetes (EKS/GKE) and serverless security for Lambda and Cloud Functions.
• Architect API security frameworks for high-traffic sports betting and gaming applications.
• Design and enforce strong authentication, tokenization, and API gateway security.
• Deploy advanced AWS WAF, Google Cloud Armor, and API security solutions to detect and mitigate abuse, fraud, and bot traffic.
• Enhance cloud-native detection and response capabilities for fraud, arbitrage betting, identity abuse, and payment security.
• Implement behavioral analytics and ML-driven security detection to combat fraud, money laundering, and account takeovers.
• Work closely with AWS and GCP security teams to enhance cloud-native incident response capabilities.
• Ensure cloud security architecture aligns with PCI-DSS, ISO 27001, NIST, and gaming compliance regulations.
• Partner with fraud, legal, and compliance teams to enforce AML (Anti-Money Laundering) and KYC (Know Your Customer) security measures.
• Automate compliance monitoring across AWS and GCP environments.

Required Qualifications & Skills

• 5+ years of work experience securing and monitoring CI/CD pipelines and AWS cloud infrastructure.
• 7+ years of cloud experience in IT field.
• 10+ years of Information Technology or Information Security experience.
• Expertise in writing Lambda functions in Python or Go.
• Strong command and understanding of AWS and GCP Security Reference Architecture (SRA).
• Deep expertise in AWS and GCP security best practices, including IAM, VPC security, WAF, SIEM, CNAPP, and workload protection.
• Strong experience embedding Shift Left security in CI/CD pipelines with automated security testing.
• Hands-on experience securing high-traffic APIs, microservices, and Kubernetes (EKS/GKE) workloads.
• Experience mitigating API abuse, fraud, and adversarial traffic.
• Strong knowledge of cloud-native security tools and DevSecOps automation.
• Experience using Terraform to deploy security-oriented infrastructure and configure security services.
• Proven leadership skills with the ability to manage and mentor a team.
• Excellent communication and collaboration skills to work effectively with stakeholders at all levels.
• Strong problem-solving skills and the ability to think critically and strategically.

Preferred Qualifications

• AWS Security Specialty and Google Professional Cloud Security Engineer certifications.
• Experience securing real-time fraud prevention and identity security systems.
• Knowledge of ML-driven security analytics and adversarial threat detection.
• Experience with multi-cloud security strategies across AWS, GCP, and hybrid environments. 

At Caesars Entertainment, Inc., our Team Members create the extraordinary. We are the largest casino-entertainment company in the U.S. and one of the world's most diversified casino-entertainment providers. Since beginning in Reno, Nevada, in 1937, Caesars Entertainment has grown through the development of new resorts, expansions and acquisitions. Our resorts operate primarily under the Caesars®, Harrah's®, Horseshoe® and Eldorado® brand names. We focus on building loyalty and value with our guests through a combination of impeccable service, operational excellence and technological leadership. The company is committed to its Team Members, suppliers, communities and the environment through its PEOPLE PLANET PLAY framework.  

Our Caesars family is driven by our Mission, Vision and Values. We take great pride in living these values – Together We Win, All In On Service and Blaze the Trail – every day. Our mission, “Create the Extraordinary”. Our vision, “Create spectacular worlds. That immerse, inspire and connect you. We don’t perform magic; we create it with excellence. #WeAreCaesars”.  If you are ready to create some magic, we invite you to explore our dynamic, yet unique, career opportunities.