Product Security Architect – Cloud Applications & Infrastructure

VTekis Consulting LLP
Full_timeIrvine, United States

📍 Job Overview

  • Job Title: Product Security Architect – Cloud Applications & Infrastructure
  • Company: VTekis Consulting LLP
  • Location: Irvine, California, United States
  • Job Type: Contract
  • Category: Security Architecture
  • Date Posted: 2025-06-19
  • Experience Level: Mid-Senior level (5-10 years)

🚀 Role Summary

  • Cloud Security Specialist: Leverage deep cloud platform knowledge (AWS, GCP, Azure) to secure cloud-native applications and infrastructure.
  • Threat Modeling & Security Architecture: Create threat models, review product architectures, and ensure robust security controls.
  • Security Tooling & Automation: Automate security tooling and policy enforcement for AWS/GCP/Azure environments.
  • Incident Response & Compliance: Participate in security incident reviews and contribute to cloud compliance initiatives (SOC 2, ISO 27001, NIST).

📝 Enhancement Note: This role requires a strong background in cloud-native applications and infrastructure security, with a focus on protecting products like Protect App and Call Filter. The contractor will also act as a backup for cloud security SME testing, security reviews, and vulnerability management.

💻 Primary Responsibilities

  • Security Architecture & Design: Perform security design and architecture reviews for cloud-native products.
  • Threat Modeling: Create and maintain threat models for applications and infrastructure.
  • Security Controls Evaluation: Evaluate IAM, network, data protection, and logging/monitoring controls.
  • Security Tooling & Automation: Automate security tooling and policy enforcement for AWS/GCP/Azure environments.
  • Vulnerability Resolution: Support developers in resolving security vulnerabilities and misconfigurations.
  • Incident Response: Participate in security incident reviews and remediation strategies.
  • Cloud Compliance: Contribute to cloud compliance and governance initiatives (SOC 2, ISO 27001, NIST).

📝 Enhancement Note: This role requires a balance of technical depth and breadth, with a strong focus on cloud security, threat modeling, and security tooling. The ideal candidate will have experience working with development teams to identify and mitigate security risks.

🎓 Skills & Qualifications

Education: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

Experience: 5-10 years of experience in cloud security, with a focus on cloud-native applications and infrastructure. Proven experience in threat modeling, security architecture, and security tooling.

Required Skills:

  • Deep understanding of cloud platforms (AWS, GCP, or Azure) and infrastructure-as-code (Terraform, CloudFormation).
  • Experience with security testing and tooling (e.g., Checkov, Trivy, ScoutSuite, Burp, Snyk).
  • Strong grasp of container security (Docker, Kubernetes, EKS/GKE/AKS).
  • Scripting and automation experience (Python, Bash, or similar).

Preferred Skills:

  • Experience with cloud compliance and governance (SOC 2, ISO 27001, NIST).
  • Familiarity with cloud security frameworks (CIS Benchmarks, NIST SP 800-53, NIST SP 800-171).
  • Knowledge of cloud security best practices and emerging threats.

📝 Enhancement Note: While not explicitly stated, it's implied that the ideal candidate will have strong communication skills and the ability to work effectively with development teams. Experience with Agile methodologies and familiarity with development processes would also be beneficial.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Cloud Security Projects: Demonstrate experience in cloud security, with a focus on cloud-native applications and infrastructure.
  • Threat Modeling: Showcase threat modeling projects or case studies, highlighting your ability to identify and mitigate security risks.
  • Security Tooling: Highlight projects that involve security tooling and automation, with a focus on cloud environments.
  • Incident Response: Include examples of incident response projects or case studies, demonstrating your ability to participate in security incident reviews and remediation strategies.

Technical Documentation:

  • Security Architecture Documentation: Provide examples of security architecture documentation, demonstrating your ability to create and maintain threat models and evaluate security controls.
  • Security Tooling & Automation: Include documentation related to security tooling and automation, highlighting your ability to automate security tooling and policy enforcement for AWS/GCP/Azure environments.
  • Incident Response Documentation: Provide examples of incident response documentation, demonstrating your ability to participate in security incident reviews and remediation strategies.

📝 Enhancement Note: While not explicitly stated, it's implied that the ideal candidate will have a strong portfolio that demonstrates their technical skills and experience in cloud security. The portfolio should highlight the candidate's ability to work with development teams to identify and mitigate security risks, with a focus on cloud-native applications and infrastructure.

💵 Compensation & Benefits

Salary Range: $120,000 - $160,000 per year (USD), based on experience and qualifications. This estimate is based on market research for cloud security architects in the Irvine, California area.

Benefits:

  • Health, dental, and vision insurance (contractor is responsible for arranging their own benefits).
  • 401(k) retirement plan (contractor is responsible for arranging their own retirement plan).
  • Flexible working hours and remote work options.

Working Hours: Full-time (40 hours per week), with flexible working hours and remote work options available.

📝 Enhancement Note: While the salary range and benefits are not explicitly stated, it's implied that the compensation package will be competitive for a mid-senior level cloud security architect role in the Irvine, California area. The benefits package is typical for a contractor role, with the contractor responsible for arranging their own health insurance and retirement plan.

🎯 Team & Company Context

🏢 Company Culture

Industry: Technology and Software Development

Company Size: Medium-sized (50-250 employees)

Founded: 2014

Team Structure:

  • Security Team: The security team is responsible for ensuring the security of the company's products and infrastructure. The team consists of security architects, security engineers, and security analysts.
  • Product Teams: The product teams are responsible for developing and maintaining the company's products. The teams consist of software engineers, QA engineers, and product managers.
  • Cross-Functional Collaboration: The security team works closely with the product teams to ensure that security is integrated into the development process.

Development Methodology:

  • Agile: The company uses Agile methodologies to develop and maintain its products. The security team works closely with the product teams to ensure that security is integrated into the development process.
  • Continuous Integration and Continuous Deployment (CI/CD): The company uses CI/CD pipelines to automate the deployment process and ensure that changes are deployed quickly and safely.
  • Infrastructure as Code (IaC): The company uses IaC tools to manage its infrastructure and ensure that it is configured securely.

Company Website: www.vtekis.com

📝 Enhancement Note: While not explicitly stated, it's implied that the company values cross-functional collaboration and integrates security into the development process. The company uses Agile methodologies and CI/CD pipelines to ensure that changes are deployed quickly and safely. The security team works closely with the product teams to ensure that security is integrated into the development process.

📈 Career & Growth Analysis

Web Technology Career Level: Mid-Senior level (5-10 years of experience)

Reporting Structure: The Product Security Architect will report directly to the Director of Security.

Technical Impact: The Product Security Architect will have a significant impact on the security of the company's products and infrastructure. They will work closely with the development teams to identify and mitigate security risks, and ensure that the company's products and infrastructure are secure.

Growth Opportunities:

  • Technical Growth: The Product Security Architect will have the opportunity to grow their technical skills and knowledge in cloud security, threat modeling, and security tooling.
  • Leadership Growth: The Product Security Architect will have the opportunity to develop their leadership skills and take on more responsibility within the security team.
  • Career Progression: The Product Security Architect will have the opportunity to progress to a senior or principal security architect role, or to move into a security management role.

📝 Enhancement Note: While not explicitly stated, it's implied that the Product Security Architect role is a mid-senior level role with significant technical impact. The role offers opportunities for technical growth, leadership growth, and career progression within the security team.

🌐 Work Environment

Office Type: Hybrid (onsite and remote work options available)

Office Location(s): Irvine, California, United States

Workspace Context:

  • Collaborative Workspace: The company provides a collaborative workspace with multiple monitors and testing devices available.
  • Cross-Functional Interaction: The security team works closely with the product teams, providing opportunities for cross-functional interaction and collaboration.
  • Flexible Work Schedule: The company offers flexible working hours and remote work options, allowing employees to balance their work and personal lives.

Work Schedule: Full-time (40 hours per week), with flexible working hours and remote work options available.

📝 Enhancement Note: While not explicitly stated, it's implied that the company provides a collaborative workspace with multiple monitors and testing devices available. The security team works closely with the product teams, providing opportunities for cross-functional interaction and collaboration. The company offers flexible working hours and remote work options, allowing employees to balance their work and personal lives.

📄 Application & Technical Interview Process

Interview Process:

  1. Phone Screen: A brief phone screen to discuss the role and the candidate's qualifications.
  2. Technical Deep Dive: A technical deep dive to discuss the candidate's experience with cloud security, threat modeling, and security tooling.
  3. Behavioral Interview: A behavioral interview to discuss the candidate's problem-solving skills and cultural fit.
  4. Final Interview: A final interview with the Director of Security to discuss the candidate's qualifications and fit for the role.

Portfolio Review Tips:

  • Cloud Security Projects: Highlight cloud security projects that demonstrate your experience with cloud-native applications and infrastructure.
  • Threat Modeling: Showcase threat modeling projects or case studies that demonstrate your ability to identify and mitigate security risks.
  • Security Tooling: Highlight projects that involve security tooling and automation, with a focus on cloud environments.
  • Incident Response: Include examples of incident response projects or case studies that demonstrate your ability to participate in security incident reviews and remediation strategies.

Technical Challenge Preparation:

  • Cloud Security: Brush up on your knowledge of cloud security best practices and emerging threats.
  • Threat Modeling: Review threat modeling methodologies and tools.
  • Security Tooling: Familiarize yourself with security tooling and automation for cloud environments.
  • Incident Response: Review incident response best practices and tools.

ATS Keywords: Cloud Security, Threat Modeling, Security Tooling, Incident Response, AWS, GCP, Azure, Infrastructure as Code, Container Security, Security Architecture, Security Engineering

📝 Enhancement Note: While not explicitly stated, it's implied that the interview process will involve a phone screen, technical deep dive, behavioral interview, and final interview. The portfolio review tips and technical challenge preparation tips are tailored to the cloud security architect role, with a focus on cloud security, threat modeling, security tooling, and incident response. The ATS keywords are tailored to the cloud security architect role, with a focus on cloud security, threat modeling, security tooling, incident response, and relevant cloud platforms and tools.

📌 Application Steps

To apply for this Product Security Architect – Cloud Applications & Infrastructure position:

  1. Submit your application through the application link provided.
  2. Customize your portfolio with live demos and responsive examples that highlight your cloud security, threat modeling, and security tooling experience.
  3. Optimize your resume for web technology roles, with a focus on your cloud security, threat modeling, and security tooling experience.
  4. Prepare for the technical interview by reviewing cloud security best practices, threat modeling methodologies, security tooling, and incident response best practices.
  5. Research the company and its products to demonstrate your understanding of the company's security needs and your ability to contribute to the security of its products and infrastructure.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

Application Requirements

Candidates must have a deep understanding of cloud platforms and experience with security testing and tooling. Strong grasp of container security and scripting/automation experience is also required.