Capco
Capco1h ago
New

Cloud Architect – Security & Guardrails (AWS/Azure) (She/ He/ They)

Poland - Warsawmid
EngineeringSoftware Architect
0 views0 saves0 applied

Quick Summary

Key Responsibilities

Cloud Security Governance & Guardrails Design, implement, and enforce security baselines and preventative guardrails across AWS and Azure environments.

Technical Tools
EngineeringSoftware Architect

 

At Capco, we specialize in management consulting and technology transformation for the financial services industry. We combine innovative thinking with deep industry expertise to help our clients navigate complex change, deliver meaningful outcomes, and build future-ready organizations.

Our culture is entrepreneurial, collaborative, and inclusive. We empower our people to challenge the status quo, take ownership, and make an impact from day one.

As we continue to expand our Cloud and Cybersecurity capabilities, we are looking for an experienced Cloud Architect – Security & Guardrails (AWS/Azure) to help shape and secure enterprise-scale cloud environments.

 

We are seeking a highly skilled Cloud Architect specializing in Multi-Cloud Security Operations and Governance to secure and enhance enterprise AWS and Azure environments.

This role goes beyond traditional cloud architecture. You will design and implement robust defense-in-depth security frameworks, establish automated compliance guardrails, integrate advanced security platforms, and drive cloud security governance across complex environments.

Working at the intersection of Cloud Engineering, Cybersecurity, Risk, and Security Operations, you will play a key role in ensuring cloud platforms remain secure, compliant, resilient, and continuously monitored.

 

Responsibilities

~1 min read
  • Design, implement, and enforce security baselines and preventative guardrails across AWS and Azure environments.
  • Develop governance frameworks leveraging:
    • AWS Organizations
    • Service Control Policies (SCPs)
    • AWS Control Tower
    • Azure Policy
    • Azure Landing Zones
  • Ensure alignment with internal security standards, regulatory requirements, and industry best practices.
  • Design and optimize multi-cloud logging and monitoring strategies.
  • Build scalable telemetry pipelines integrating:
    • AWS CloudTrail
    • Amazon GuardDuty
    • Azure Activity Logs
    • Microsoft Defender for Cloud
  • Enable centralized visibility through enterprise SIEM platforms such as:
    • Microsoft Sentinel
    • Splunk
  • Support real-time threat detection, correlation, investigation, and alerting capabilities.
  • Define architecture and deployment strategies for:
    • EDR/XDR solutions
    • Cloud Workload Protection Platforms (CWPP)
  • Secure virtual machines, containers, Kubernetes environments, and serverless workloads across cloud platforms.
  • Collaborate with Security Operations teams to enhance threat detection and response.
  • Implement and optimize Cloud Security Posture Management (CSPM) capabilities.
  • Establish enterprise vulnerability management processes across cloud assets.
  • Enable continuous security scanning for:
    • Cloud misconfigurations
    • Infrastructure vulnerabilities
    • Container images
    • Operating systems
  • Develop automated remediation workflows and security playbooks.
  • Design and enforce Zero-Trust security principles.
  • Strengthen Identity and Access Management (IAM) governance across cloud platforms.
  • Implement:
    • Just-In-Time (JIT) access
    • Privileged Access Management (PAM)
    • Role-Based Access Control (RBAC)
    • Federated identity solutions
  • Partner with security stakeholders to reduce privileged access risks.
  • Evaluate, deploy, and govern best-in-class cloud security technologies.
  • Integrate third-party security platforms including:
    • CyberArk
    • Wiz
    • Palo Alto Prisma Cloud
    • CrowdStrike
    • Other strategic security tooling
  • Drive consistent security controls and operational excellence across the cloud ecosystem.

 

Requirements

~1 min read
  • Extensive experience designing and securing enterprise-scale AWS and Azure environments.Deep knowledge of cloud-native security services, controls, and governance frameworks.Hands-on expertise with:
    • SIEM platforms
    • EDR/XDR technologies
    • Vulnerability management solutions
    • CSPM tools
    Strong experience implementing:
    • Azure Policy
    • AWS Control Tower
    • Service Control Policies (SCPs)
    • Cloud governance frameworks
    Advanced Infrastructure as Code (IaC) skills, particularly with Terraform.Experience embedding security controls into CI/CD and cloud deployment pipelines.Strong understanding of:
    • Modern cyber threats
    • MITRE ATT&CK framework
    • Cloud attack vectors
    • Security monitoring and incident response processes
    Proven ability to collaborate effectively with:
    • Cloud Engineering teams
    • Security Operations Centers (SOC)
    • Risk, Compliance, and Audit functions
    Excellent stakeholder management and communication skills.


What We Offer

~1 min read
  1. HR Interview with the recruiter
  2. Technical Interview
  3. Client Interview 
  4. Feedback and offer

 

#LI-HYBRID

Location & Eligibility

Where is the job
Poland - Warsaw
On-site at the office
Who can apply
Same as job location

Listing Details

Posted
July 3, 2026
First seen
July 3, 2026
Last seen
July 3, 2026

Posting Health

Days active
0
Repost count
0
Trust Level
67%
Scored at
July 3, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust
Capco
Capco
greenhouse

Capco, a Wipro company, is a global technology and management consultancy specializing in driving digital transformation in the financial services and energy sectors.

Employees
5k+
Founded
1998
Domain
capco.com
View company profile

3 other jobs at Capco

View all →

Explore open roles at Capco.

Newsletter

Stay ahead of the market

Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

A
B
C
D
Join 12,000+ marketers

No spam. Unsubscribe at any time.

CapcoCloud Architect – Security & Guardrails (AWS/Azure) (She/ He/ They)