Overview

We are seeking a Cloud Security Architect to lead the design and implementation of secure cloud solutions across diverse platforms and client environments.

This role is ideal for a seasoned security leader with deep expertise in cloud-native architectures, threat modelling, and enterprise security strategy. You will collaborate with engineering, DevOps, and business stakeholders to embed security into every layer of cloud infrastructure and application lifecycle.

Responsibilities

  • Define and drive cloud security architecture strategies across AWS, Azure, GCP, and hybrid environments
  • Lead threat modelling, risk assessments, and architecture reviews for cloud-native and containerised applications
  • Develop and enforce cloud security standards, policies, and reference architectures
  • Guide engineering teams in implementing secure CI/CD pipelines, infrastructure-as-code (IaC), and automated security controls
  • Evaluate and integrate cloud security tools (e.g., CSPM, CWPP, CIEM) into enterprise environments
  • Collaborate with application architects and product teams to ensure secure design patterns and compliance with regulatory frameworks (e.g., ISO 27001, NIST, GDPR)
  • Mentor and coach cloud security engineers and contribute to internal knowledge sharing
  • Support incident response and forensic investigations related to cloud environments
  • Stay current with emerging threats, technologies, and best practices in cloud security

Requirements

  • 8+ years of experience in information security, with 4+ years focused on cloud security architecture
  • Proven expertise in designing secure solutions on AWS, Azure, or GCP
  • Strong understanding of cloud-native services, IAM, network security, encryption, and logging
  • Experience with IaC tools (Terraform, CloudFormation), container security (Kubernetes, Docker), and DevSecOps practices
  • Familiarity with cloud security frameworks (CSA, CIS Benchmarks, NIST)
  • Hands-on experience with cloud security platforms (e.g., Prisma Cloud, Wiz, Orca, Azure Defender)
  • Excellent communication and stakeholder management skills
  • Relevant certifications (e.g., CCSP, AWS Certified Security Specialty, AWS Certified Solutions Architect, Azure Security Engineer Associate, Azure Solutions Architect Expert, Google Professional Cloud Security Engineer, Google Professional Cloud Architect) are a plus
  • Fluent in English

Bulgaria

  • Opportunity to Engineer your Future and to drive the world’s digital transformation with top industry clients
  • Personal development program that will allow you to be valued for your strengths
  • Wide range of professional trainings and workshops
  • Being part of a collaborative, fast-growing, and innovative design team
  • Established and accelerated growth toward different career paths, competencies, and roles
  • Broad projects variety and possible mobility between projects over the time
  • Collaboration in a multicultural environment and exchange of best practices with colleagues around the world
  • Varied social benefits, Sports, Transportation and Health programs
  • Work-life balance and flexible schedule, team buildings and sport opportunities
  • Modern office/collaboration spaces (incl. new Infinity Tower business center, Sofia)
  • Hybrid By Design - we provide you with the best productivity options from the 2 worlds. Meet, socialize and enjoy F2F time with your colleagues, while working from the modern EPAM's office for a few days per week and benefit from the EPAM's virtual working environment - making you able to be productive and work from remote for the rest of the week