Cloud Security Architect

Why Ryan? Global Award-Winning Culture Flexible Work Environment Generous Paid Time Off World-Class Benefits and Compensation Rapid Growth Opportunities Company Sponsored Two-Way Transportation Exponential Career Growth The Cloud Security Engineer is responsible for owning cloud security operations, posture management, and policy enforcement across the firm's multi-cloud environment. This role works closely with IT, platform engineering teams, and senior security leadership to identify risk early, enforce security controls, and drive measurable improvements to the firm's cloud security posture. A hands-on, self-directed approach and demonstrated experience operating in complex cloud environments is required. The Cloud Security Engineer partners with development and operations teams to integrate security requirements into the build process and serves as the cloud security subject matter expert within the Cyber Threat Operations team. Duties and Responsibilities aligned with Key Results: People: Own cloud security operations and posture management across the firm's multi-cloud environment. Engage directly with cloud platform and development teams as a security partner. Operate with a high degree of independence while maintaining clear communication with security leadership. May lead security team in management of daily security operation center functions. Consult on security requirements and identify system integrations by evaluating and understanding business strategies and requirements. Create a positive team member experience. Client: Serve as a cloud security subject matter expert for engineering and platform teams across the firm. Integrate security requirements early in the build process — architecture reviews, IaC pipeline checks, and pre-deployment guardrails Translate risk into actionable guidance that enables delivery. Collaborate with our practice areas, as well as external resources, to ensure all information security-related matters are designed and maintained appropriately. Serve as the security expert in application design, cloud, network, mobility, and platform (operating systems) efforts. Value: Own the cloud security posture management platform: configure findings, drive remediation, and maintain accurate exposure reporting. Enforce cloud security policies and guardrails across identity, network security, data access, and resource configuration. Conduct threat hunting, own detection coverage, and treat every incident as an input to something that gets hardened Stay current on cloud-specific adversary techniques and apply them to detection logic and hardening priorities. Plan and champion new security technologies, architectures, and products that will support the information security requirements for the firm. Education/Experience: 8+ years of progressive information security experience, with 4–6 years of direct, hands-on cloud security exposure. Production experience operating a cloud security posture management or cloud-native application protection platform. Hands-on experience across at least two major cloud platforms. Cloud platform and security knowledge sufficient to interpret and prioritize CSPM findings without guidance Experience with cloud security policy enforcement: guardrails, baseline controls, or policy-as-code in a live environment Security operations background: alert triage, event investigation, and incident response Experience working alongside engineering or development teams as a security partner Clear written communication across technical and non-technical audiences Highly self-motivated and directed. Preferred Experience: Experience with Azure, AWS, GCP. Kubernetes and container security experience. Shift-left experience: IaC pipeline security, pre-deployment misconfiguration checks, or CI/CD-integrated security controls. Knowledge of common IT regulatory compliance requirements associated with any of the following HIPAA, HITECH, ISO 27001/2, SOC 1/2, SOX, PCI and security best practices and procedures. Certificates and Licenses: Microsoft AZ-500, AWS Security Specialty, or CCSP preferred. CISSP is a plus but not required. Compliance with Laws: Job duties are to be conducted in a manner that adheres to privacy laws, as well as follows internal governance related to protecting confidential information and trade secrets, and to securing data and company records. Supervisory Responsibilities: This role may manage a team of direct reports. Work Environment: Standard indoor working environment. Position requires regular interaction with employees at all levels of the Firm; interface with external vendors, and clients also necessary. Occasional long periods of sitting while working at computer. Travel requirement: less than 10%. Equal Opportunity Employer: disability/veteran Ryan offers outstanding opportunities to work in a dynamic, rapidly expanding tax services firm serving the world’s most respected Global 5000 companies. Our innovative work environment, accelerated growth path for high performers, competitive benefits package, and outstanding earning potential provide the most rewarding career experience available in the industry. Ryan employees are given the freedom to do their best work in the way they work best. With a clear understanding of expectations and accountabilities, our employees are given ownership of their time and flexibility to meet the demands of their professional and personal lives. Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Ryan LLC (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status). Job duties related to this role are to be conducted in a manner that adheres to privacy laws, as well as follows internal governance related to protecting confidential information and trade secrets, and to securing data and company records. Equal Employment Opportunity/Affirmative Action/Accommodation Ryan, LLC is an equal opportunity employer and is committed to compliance with all applicable laws prohibiting employment discrimination. It is our policy to take all employment actions and make all employment decisions without regard to race, color, religion, creed, gender, sex (including pregnancy), affectional or sexual orientation, gender identity or expression, national origin, ancestry, age, marital status, citizenship status, genetic predisposition or carrier status, disability, military status, status as a disabled or other protected veteran or any other protected status under applicable law. It is Ryan's policy to make reasonable accommodation for qualified individuals with disabilities. Please contact our People Group at 972.934.0022 or peoplegroup@ryan.com if you are interested in applying and need assistance to submit your application, or if you are interested in a position and believe you may require a reasonable accommodation in order for you to perform its essential functions. Click here to view the entire EEO poster and supplement. *Notice to Canada Candidates – In accordance with the Accessibility for Ontarians with Disabilities Act (AODA) and the Canadian Human Rights Act, Ryan ULC will provide accommodation, accessible formats and communication supports for the interview upon request. Ryan welcomes and encourages applications from people with disabilities*. Please access our Privacy Notice in relation to this at the following link for additional information on how we protect and handle personal information. To change or modify any personal information previously provided, please click here to access our Data Subject Access Request form.