Employment in this role is conditional upon successful execution of the contract by the client.

The Work

The Cloud Security Architect is responsible for leading the design, implementation, and governance of secure architecture across cloud-native, microservices, and AI-enabled environments. This individual serves as the technical authority on all aspects of cloud security, working closely with business and IT stakeholders to ensure that security enables modernization and transformation objectives while maintaining strict compliance with state and federal frameworks.

This position aligns with Cayuse’s core values of Innovation, Excellence, Collaboration, Adaptability, and Integrity by fostering technical solutions that meet customer needs, promoting teamwork, and prioritizing quality in deliverables.

• Collaborate with business stakeholders to understand organizational objectives, operational procedures, and pain points.
• Analyze user requirements, data flows, and existing system constraints to propose secure, efficient, and cost-effective solutions.
• Conduct comprehensive studies and cost/benefit analyses to recommend alternative cloud security strategies.
• Lead interviews and working sessions across units to capture requirements for system automation, security enhancements, and reporting.
• Lead the end-to-end design and implementation of secure-by-default architectures for cloud-native, containerized, microservices, and AI/ML systems.
• Integrate Identity and Access Management (IAM) and Zero Trust principles across enterprise systems.
• Ensure that security controls and design patterns comply with TCF, NIST 800-53, and additional regulatory mandates.
• Oversee the deployment, configuration, and management of Cloud Security Posture Management (CSPM) and other security tooling.
• Embed security into DevSecOps pipelines, ensuring secure software development lifecycle (SDLC) practices.
• Perform advanced threat modeling and risk assessments for highly complex, distributed environments.
• Draft, maintain, and enforce enterprise security policies, architecture standards, and procedures.
• Monitor, evaluate, and enhance security operations and controls to maintain compliance and address evolving threats.
• Produce detailed documentation, including user needs, program functions, architectural diagrams, and implementation steps.
• Present risk assessments, strategies, and complex technical concepts to executive leadership and non-technical stakeholders.
• Other duties as assigned.

Here’s What You Need

The qualifications and skills listed below are intended to provide a general overview of the requirements for this position. However, due to the anticipated nature of the contract and the absence of a finalized task order from the client, this list should not be considered all-encompassing. Additional qualifications, certifications, skills, or experience specific to the client’s requirements may be identified and requested upon award of the task order. Candidates should demonstrate flexibility and a willingness to adapt to evolving responsibilities as outlined by the client.

• 8 years (Required): Experience in information security and systems architecture
• 8 years (Required): Proven experience designing secure cloud-native architectures (AWS preferred)
• 8 years (Required): In-depth knowledge of Texas Cybersecurity Framework (TCF) and NIST 800-53
• 8 years (Required): Expertise in Identity and Access Management (IAM) and Zero Trust Architecture
• 8 years (Required): Experience performing threat modeling for complex systems
• 8 years (Required): Experience securing microservices, APIs, and containerized environments
• 8 years (Required): Experience configuring cloud security posture management (CSPM) tools
• 8 years (Required): Experience integrating security into DevSecOps pipelines
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.

Minimum Skills:

• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Exceptional verbal and written communication skills. 
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Ability to analyze systems and procedures
• Strong multitasking skills with the ability to manage multiple design streams across concurrent work effort.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately.

Preferred Qualifications:

• 4 years (Preferred): Familiarity with securing AI/LLM-based systems and data pipelines.
• 4 years (Preferred): Experience with data protection strategies for PII, PHI, and other sensitive

data.

• 4 years (Preferred): Experience presenting risk assessments to executive leadership.
• 4 years (Preferred): Ability to draft enterprise security policies and architecture standards.
• 2 years (Preferred): Relevant certifications such as CISSP, CISM, AWS Certified Security Enginer212

Our Commitment to you / overview of benefits

• Medical, Dental and Vision Insurance; Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off

Reports to: Program Manager

Working Conditions

• Professional office environment, with the ability to work onsite in the main office.
• Must reside in the Austin area.
• Must be physically and mentally able to perform duties extended periods of time.
• Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
• Must be able to establish a productive and professional workspace.
• Must be able to sit for long periods of time looking at computer screen.

• May be asked to work a flexible schedule which may include holidays.
• May be asked to travel for business or professional development purposes.
• May be asked to work hours outside of normal business hours.
• Travel costs, per diem, and other related expenses must be pre-approved in compliance with State of Texas travel guidelines.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.