Principal Cloud Security Architect
Company: Irvine Company
Location: East Irvine
Posted on: January 12, 2026
|
|
|
Job Description:
The Principal Cloud Security Architect is responsible for
developing and leading the secure cloud computing strategy for
Irvine Company. This includes working with Infrastructure and
Development groups to understand their Cloud Platform adoption
plans, hosted application designs, and cloud management and
monitoring methods. The principal cloud security architect will
define architecture patterns and standards based on industry best
practices and insights regarding application architecture and
deployment in cloud environments. The Principal Cloud Security
Architect will work collaboratively with domain architects and lead
security engineers to build security controls and solutions
compliant with approved architecture frameworks and standards. This
role also applies their cloud security, network architecture,
hardening, and logging enforcement skills to lead all technical
operation teams with containment and remediation workstreams
related to security incidents. Job Duties: Leads the overall cloud
security architecture strategy and technical framework including
standards/guidelines/procedures/requirements for infrastructure and
software development. Enable the business through technical
leadership to influence peers across Innovation Technology and
Business Leadership to design and implement cybersecurity
technology, and assist application and infrastructure teams secure
implementation of technology. Lead security assessments, identify
gaps in existing security architecture, and recommend changes or
improvement. Lead assessment of appropriate vendor relationships
related to information security tools, technology and cloud
services; manage proof-of-concepts that enable the business while
reducing risk; maintain currency with emerging technology; maintain
security roadmap. Develop and maintain enterprise security
requirements and controls that drive the selection of security
tools as well as assist Business Units and IT in selecting
solutions to meet their needs. Create solutions that align
enterprise security architecture frameworks and standards (e.g.
SABSA, NIST 800-53, ISO 27002) with overall business and security
strategy. Participate as the primary security subject matter expert
in the Information Technology Architecture Committee (ITAC) by
reviewing risks of new technology, ensuring secure integration of
technology and driving a secure architecture roadmap. Maintain a
leadership role in the Architecture Review Committee through
extensive experience in security technology and cloud architecture
to drive a balanced approach to Irvine Company’s overall technical
architecture. This responsibility also requires mentorship of
domain architects to mature their techniques and to think beyond
their specific area of responsibility. Establish and manage the
threat management/intelligence program (including threat modeling,
assessment, hunting) to support the Security Operations Center
(SOC) and integrate with the risk management functions. Assist
Security Operations to assess and investigate security incidents,
and work with application and operations teams throughout the
investigation cycle to ensure remediation, eradication and lessons
learned are rolled back into daily operations. Build and maintain
the Secure Software Development Lifecycle (SSDLC) including the
development of secure coding standards, testing services, testing
infrastructure, and compliance processes. Manage the development
and maintenance of the data protection program including discovery,
data-flow/mapping and Data Loss Prevention (DLP). Help identify new
exploits, threats, and mitigations for detection engineering and
define and maintain domain and enterprise level threat modeling.
Mentor junior cybersecurity staff in cybersecurity technology,
architectural methods and technical process development. Minimum
Qualifications / Other Expectations: Education & Experience:
Bachelors degree in computer science, engineering or related field.
15 years in information risk management and information security
technology, including 5 years in security architecture and 5 years
in a cloud environment. Strong written and verbal communications
skills with the ability to create and present technical
recommendations to executive management as well as influence and
persuade peers and others. Demonstrate a deep understanding of
cloud concepts and architectures with a focus for how security
controls are applied to cloud-based technologies. Example cloud
concepts include, but are not limited to: Architecture & Networking
Identity & Access Management Securing the CI/CD Pipeline Secrets
and Data Protection Logging, Detection, and Response Security
Controls for Containers (e.g., Docker, Kubernetes) Experience
managing cloud projects. Deep understanding and implementation of
industry-leading practices for cloud security risks using
frameworks and standards such as CIS Benchmarks, Cloud Security
Alliance, NIST SP 800-144, 800-145, 800-291, and 800-322.
Experience advising business and technical leadership on cloud
architecture and design concepts based on compliance and regulatory
standards (e.g., PII, PCI-DSS, PHI, GDPR, HIPAA). Demonstrated
experience in designing security architectures to mitigate threats
including Zero Trust, cloud environments, applications, network
infrastructure and data integration/management. Experience in
identifying gaps in existing architectures. Demonstrated experience
in architecting and implementing large complex security solutions
and programs (i.e. SOC, Identity Management, SSDLC, DLP).
Experience in architecting security for cloud environments (IaaS,
PaaS, SaaS) as well as leveraging cloud based security solutions.
Hands on experience with leading strategic security technology
solutions to enable business flexibility including SD-WAN, Wireless
networks and IoT. Experience managing multiple projects of diverse
scope and effectively collaborating in a cross-functional team
environment. Demonstrated knowledge on how business enabling
technology (e.g. IoT, A.I.) increases the threat landscape, while
understanding how to apply technology and process to mitigate cyber
risk. Knowledge of risk management processes and experience in
conducting risk assessments. Demonstrated ability to develop and
implement the overall cybersecurity architecture in alignment with
the risk posture of the organization. Ability to automate common
tasks in programming/scripting language and strong knowledge of
application programming interface (API) interaction methods.
Experience being a part of a highly technical team, including
Incident Response, Security Engineering, or Forensics teams.
Experience as an engineer in incident response efforts. This should
include hands on experience completing tasks such as malware
detection and analysis, memory analysis, and disk forensics.
Certifications: IT security certifications (CISSP, CISM, GIAC, CEH,
GCIH, GCFE, GXPN, CISSP-ISSAP, SABSA or similar) preferred.
Compensation: Base Pay Range: $197,400.00 - $235,100.00 Actual
placement within this range may vary based upon, but not limited
to, relevant experience, time in role, base salary of internal
peers, prior performance, business sector, and geographic location.
The Company also offers competitive benefits for full time
employees including paid time off, matching 401(k), and health
benefits. About Us: Irvine Company is a privately held real estate
investment company and master-planner committed to creating and
sustaining communities that thrive for generations. Irvine Company
is respected for its master planning and environmental stewardship
of the Irvine Ranch in Orange County, including diversified
operations throughout coastal California. Irvine Company brings to
life neighborhoods and sustainable communities with a full range of
housing, jobs, retail centers, schools, parks and open space. We
take as much pride in our employee community as we do the
communities we create. It’s an environment populated with talented
and experienced people, a collaborative spirit and abundant
opportunities.
Keywords: Irvine Company, Victorville , Principal Cloud Security Architect, IT / Software / Systems , East Irvine, California
