Cloud Security Architect

We are seeking a highly skilled and experienced Cloud Security Architect to join our Enterprise IT Security team. The Cloud Security Architect will be primarily responsible for designing and developing the security architecture for our cloud-based infrastructure. In this role, you will collaborate with other IT security professionals and enterprise architects to provide oversight and guidance for ensuring the security and compliance of our cloud environment. Please note that this position does not involve implementation responsibilities, but rather serves as an overseer and steering function for security architecture.

At Enterprise IT Security (EITS), we are on a mission to secure the IT journey for the Volvo Group. We work closely together with stakeholders across several Business Areas (BAs), Truck Divisions (TDs), and Group Functions (GFs). While the BAs drive the business, the TDs provide research, development, purchasing, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction, and have global responsibility in group-wide functions such as IT, legal, compliance, and security.

This particular function/role resides in the Active Cyber Defense division which is a part of EITS and responsible for proactive measures to enhance preparedness against cyber threats. In this role, you will report to the Head of Enterprise IT Security Architecture.

Role Description

In this role, you will:

• Develop and maintain the overall security architecture for our cloud-based infrastructure, ensuring the confidentiality, integrity, and availability of data and systems.
• Collaborate with IT security teams to identify and assess potential security risks, vulnerabilities, and threats specific to the cloud environment.
• Provide guidance and oversight to ensure compliance with industry best practices, regulatory requirements, and company policies related to cloud security.
• Work closely with enterprise architects to align cloud security strategies with overall enterprise architecture goals and objectives.
• Design and support the implementation of security controls, mechanisms, and technologies to protect cloud-based applications, systems, and data.
• Review and evaluate cloud service providers' security controls and offerings to ensure they meet our organization's requirements.
• Conduct risk assessments and security reviews of cloud infrastructure and applications, identifying areas for improvement and recommending appropriate solutions.
• Stay up-to-date with the latest trends and developments in cloud security, emerging threats, and best practices, and provide guidance on their implications for our organization.
• Participate in incident response activities, conducting investigations and contributing to the development of incident response plans for cloud-based incidents.

Critical Competencies:

• Expertise in cloud security: Deep understanding of cloud architecture, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) models. Proficient in cloud security controls, technologies, and frameworks such as AWS, Azure, or GCP.
• Security architecture design: Proven experience in designing and implementing security architectures for complex cloud-based environments. Strong knowledge of security principles, frameworks, and standards such as ISO 27001, ISO 21434, NIST, and CSA.
• Risk assessment and management: Ability to conduct comprehensive risk assessments and develop risk mitigation strategies for cloud environments. Familiarity with risk assessment methodologies and tools.
• Collaboration and communication: Excellent interpersonal and communication skills to effectively collaborate with cross-functional teams, including IT security, enterprise architects, and cloud service providers.
• Experience in developing and implementing security policies, procedures, and controls.
• Ability to convey complex technical concepts to non-technical stakeholders.

Minimum Education and Experience:

• Bachelor’s or Master’s Degree in Information Technology, Information Systems, Engineering, a related field or equivalent work experience.
• Minimum of 8 years of experience in cloud security architecture or a related role.
• Experience in tech, security or automotive industry is highly regarded.
• Relevant certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or Certified Cloud Architect (AWS/Azure/GCP) are highly desirable.

Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.