Boeing Global Services is seeking a Cloud Security Solutions Architect Senior or Lead, reporting to the Director, Technical Operations product development. The position will be based out of our Englewood CO.
As a Cloud Security Solutions Architect at Boeing, you will be a key member of the Cloud Security function, responsible for designing and implementing robust security solutions for our cloud infrastructure and applications. You will collaborate closely with cross-functional teams to ensure that our cloud environments adhere to the highest security standards and best practices. Your expertise will be instrumental in safeguarding our sensitive data and ensuring the availability, confidentiality, and integrity of our cloud-based services.

Position Responsibilities:

• Collaborate with stakeholders, software architects, and DevOps teams to design and implement security solutions for cloud-based systems across multiple cloud platforms (e.g., AWS, Azure, GCP).
• Develop and maintain a comprehensive understanding of the organization’s cloud infrastructure, applications, and data flows.
• Design, develop and implement secure patterns to aid the transformation of our estate to cloud first.
• Code security elements of GitOps managed cloud landing zones and DevOps pipelines.
• Partner with our policy as code team to define and enforce cloud security policies, standards, and best practices to ensure compliance with industry regulations and internal security requirements.
• Lead threat modelling and risk assessments to identify potential security threats and vulnerabilities. Develop and execute strategies to mitigate and address these risks.
• Evaluate and recommend security tools, technologies, and services that enhance our cloud security posture.
• Collaborate with development teams to ensure secure coding practices, vulnerability assessments, and regular security testing.
• Lead security awareness training and education initiatives to ensure developers and application teams are familiar and competent in secure-by-design methodologies.
• Partner with development and platform communities to facilitate community steering of enterprise security roadmap.
• Stay up-to-date with emerging cloud security threats, vulnerabilities, and best practices, and apply this knowledge to continuously enhance our security strategies.

BASIC QUALIFICATIONS (REQUIRED SKILLS/EXPERIENCE):

• 5+ years of experience in cloud security architecture and design, with a focus on major cloud platforms (e.g., AWS, Azure, GCP).
• 3+ years of experience developing and operating microservice, containerized, or serverless applications.
• Strong command of orchestration technologies, continuous integration / continuous deployment and GitOps managed environments.
• Proven experience designing and implementing security solutions for cloud-based systems, including IAM, network security, data protection, and compliance.
• Strong understanding of cloud security best practices, encryption, authentication, authorization, and audit capabilities.
• Strong understanding of threats, vulnerabilities, and exploits common to cloud applications or environments and experience implementing controls to mitigate those threats.
• Experience with security assessment tools, vulnerability management, and penetration testing methodologies.

PREFERRED QUALIFICATIONS (EDUCATION/EXPERIENCE):

• Bachelor’s or master’s degree in computer science, Information Security, or related field (or equivalent relevant experience).
• 8+ years of experience in cloud security architecture and design, with a focus on major cloud platforms (e.g., AWS, Azure, GCP).
• 5+ years of experience developing and operating microservice, containerized, or serverless applications.
• Strong problem-solving skills, attention to detail, and the ability to work effectively both independently and as part of a team.
• Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO 27001) and their application in cloud environments.
• Excellent communication skills to articulate complex security concepts to technical and non-technical stakeholders.
• Relevant certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or cloud platform-specific certifications are a plus.

• Collaborate with stakeholders, software architects, and DevOps teams to design and implement security solutions for cloud-based systems across multiple cloud platforms (e.g., AWS, Azure, GCP).
• Develop and maintain a comprehensive understanding of the organization’s cloud infrastructure, applications, and data flows.
• Design, develop and implement secure patterns to aid the transformation of our estate to cloud first.
• Code security elements of GitOps managed cloud landing zones and DevOps pipelines.
• Partner with our policy as code team to define and enforce cloud security policies, standards, and best practices to ensure compliance with industry regulations and internal security requirements.
• Lead threat modelling and risk assessments to identify potential security threats and vulnerabilities. Develop and execute strategies to mitigate and address these risks.
• Evaluate and recommend security tools, technologies, and services that enhance our cloud security posture.
• Collaborate with development teams to ensure secure coding practices, vulnerability assessments, and regular security testing.
• Lead security awareness training and education initiatives to ensure developers and application teams are familiar and competent in secure-by-design methodologies.
• Partner with development and platform communities to facilitate community steering of enterprise security roadmap.
• Stay up-to-date with emerging cloud security threats, vulnerabilities, and best practices, and apply this knowledge to continuously enhance our security strategies