×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Cloud Computing

Cloud Security Architect

Job in Santa Clara, Santa Clara County, California, 95053, USA
Listing for: NetEnrich, Inc.
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Cloud Computing
Salary/Wage Range or Industry Benchmark: 150000 - 200000 USD Yearly USD 150000.00 200000.00 YEAR
Job Description & How to Apply Below

About Netenrich, Inc.

Netenrich delivers complete Resolution Intelligence to transform digital operations into smarter business outcomes. With fifteen years’ innovation across IT, Net Ops and Sec Ops, Netenrich applies a dynamic mix of machine and expert intelligence across a wide range of products and SaaS-based offerings. The solutions integrate with more than 140 market-leading IT and security applications to drive digital transformation, mitigate brand exposure, increase efficiencies, and bridge skills gaps.

More than 6,000 customers and organizations worldwide rely on Netenrich to gain increased visibility and actionable intelligence across their IT and cloud networks. The company is privately owned and based in Santa Clara, CA.

We are looking for an experienced and hands-on Cloud Security Architect to join our team in Hyderabad/Bhimavaram. The role requires a deep understanding of cloud-native application protection platforms (CNAPP) such as Wiz, and a strong technical foundation in securing production environments  candidate must be able to design, implement, and continuously improve security across operating systems, applications, and multi-cloud services (AWS, Azure, GCP).

This role will act as a bridge between security, infrastructure, Dev Ops, and application teams, ensuring that security is embedded across the entire lifecycle — from architecture and design to deployment and operations — while aligning with industry best practices and compliance frameworks.

Key Responsibilities
  • Cloud Security Architecture & Design
    • Architect secure, scalable, resilient multi-cloud solutions; assess and uplift existing landing zones (AWS Control Tower, Azure ALZ, GCP LZ) with zero-trust patterns and segmentation.
    • Lead adoption and tuning of CNAPP (Wiz preferred) for posture, vulnerability, CIEM, container, and compliance monitoring; integrate into incident/change workflows.
    • Publish reference architectures and guardrails for IaaS, PaaS, containers/Kubernetes, serverless, and SaaS; embed least-privilege IAM, KMS/Key Vault/Cloud KMS, encryption in transit/at rest, tokenization, and secrets management.
    • Partner with platform, SRE, and app teams to embed security by design (threat modeling, architecture reviews, security NFRs).
  • Managed Cloud Security Operations (Posture, Enforcement & Optimization)
    • Operate and continuously improve CNAPP (Wiz preferred) across AWS/Azure/GCP: tune posture policies, de-duplicate/suppress noise, drive risk-based remediation at scale.
    • Run CSPM/CWPP/CIEM day-to-day
      : policy tuning, guardrails, exceptions with expiry, auto remediation via IaC/SSM/Runbooks; integrate with ticketing (Jira/Service Now) and track SLAs.
    • Continuous compliance
      : implement policy-as-code and evidence automation; maintain dashboards/mappings for ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, NIST CSF/CIS; manage POA&Ms to closure.
    • Identity & access guardrails
      : enforce least-privilege baselines, conditional access, access reviews/recertifications, break-glass controls; manage secrets/keys rotation (KMS/Key Vault/Cloud KMS, HSM).
    • Kubernetes & container runtime ops
      : admission policies (OPA/Gatekeeper), image signing/verification, registry controls, runtime protections (eBPF/agents), and baseline hardening for EKS/AKS/GKE.
    • Vulnerability & patch orchestration
      : coordinate OS/app/container scanning, set patch SLAs and maintenance windows, handle risk-accepted exceptions with review cadences.
    • Data protection posture
      : encryption at rest/in transit, tokenization, DLP/DSPM (where applicable), data residency/sovereignty checks, and key lifecycle hygiene.
    • SIEM/SOAR/XDR integration
      : normalize CNAPP/CSPM/CWPP signals, build alerting & playbooks, measure MTTD/MTTR, and lead RCA with durable fixes and control improvements.
    • Fin Ops-aware security
      : right-size agents and telemetry, optimize license/ingest costs, and balance risk reduction with performance and spend.
    • Reporting & stakeholder comms
      : weekly risk burndowns, compliance status, executive scorecards, and remediation progress across product/infra teams.
  • Ops success metrics (examples): ≥90% critical misconfigurations remediated in top accounts within 90 days; patch-SLA compliance ≥95%; MTTR…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search