About the Role
Merci Technologies is seeking a Cloud Security Architect to own the design and governance of secure cloud architecture for an enterprise client. In this role you will set security standards across multi-cloud environments, guide engineering teams on secure-by-design principles, and ensure cloud infrastructure aligns with regulatory and organizational risk requirements. This is a fully remote position open to Full-Time or Contract candidates.
Responsibilities
Design secure reference architectures for AWS, Azure, and/or GCP environments, including landing zones, network segmentation, and identity boundaries
Define cloud security standards, guardrails, and policy-as-code frameworks (e.g., OPA, Sentinel, AWS Config, Azure Policy)
Partner with engineering and DevOps teams to embed security into CI/CD pipelines and infrastructure-as-code (Terraform, CloudFormation)
Lead cloud security posture management (CSPM) initiatives and drive remediation of misconfigurations
Evaluate and architect solutions for workload protection, container security, and serverless security
Own cloud identity architecture in partnership with IAM teams, including federation, workload identity, and least-privilege access models
Advise leadership on cloud risk, cost of controls, and architecture trade-offs
Support audits and assessments against frameworks such as NIST 800-53, ISO 27001, and CIS Benchmarks
Qualifications
8+ years in cybersecurity with at least 4 years focused on cloud security architecture
Deep expertise in at least one major cloud platform, working knowledge of at least two
Relevant certifications preferred: AWS Certified Security - Specialty, Azure Security Engineer, CCSP, or equivalent
Strong understanding of infrastructure-as-code and DevSecOps practices
Experience architecting solutions for regulated industries or environments requiring CMMC, HIPAA, or SOC 2 compliance
Ability to communicate architectural decisions to both engineering teams and executive stakeholders
What You Will Bring
The ability to see across an entire multi-cloud estate, anticipate where architecture and risk intersect, and build guardrails that let engineering teams move fast without introducing exposure.