Cloud Architect – Security & Guardrails (AWS/Azure) (She/ He/ They)

Posted Yesterday
Be an Early Applicant
Hiring Remotely in Poland
Remote or Hybrid
Senior level
Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Be Yourself at Work, Make a Difference, and Act with Integrity are our values at Capco.
The Role
Design and implement multi-cloud (AWS/Azure) security frameworks, automated compliance guardrails, SIEM/monitoring pipelines, endpoint and workload protection, CSPM and vulnerability management, IAM/zero-trust controls, and integrate enterprise security tooling to enable detection, response, and governance across cloud environments.
Summary Generated by Built In

CAPCO POLAND 

*We are looking for Poland based candidate. 


At Capco, we specialize in management consulting and technology transformation for the financial services industry. We combine innovative thinking with deep industry expertise to help our clients navigate complex change, deliver meaningful outcomes, and build future-ready organizations.

Our culture is entrepreneurial, collaborative, and inclusive. We empower our people to challenge the status quo, take ownership, and make an impact from day one.

As we continue to expand our Cloud and Cybersecurity capabilities, we are looking for an experienced Cloud Architect – Security & Guardrails (AWS/Azure) to help shape and secure enterprise-scale cloud environments.


ROLE OVERVIEW:

We are seeking a highly skilled Cloud Architect specializing in Multi-Cloud Security Operations and Governance to secure and enhance enterprise AWS and Azure environments.

This role goes beyond traditional cloud architecture. You will design and implement robust defense-in-depth security frameworks, establish automated compliance guardrails, integrate advanced security platforms, and drive cloud security governance across complex environments.

Working at the intersection of Cloud Engineering, Cybersecurity, Risk, and Security Operations, you will play a key role in ensuring cloud platforms remain secure, compliant, resilient, and continuously monitored.


KEY RESPONSIBILITIES:

  • Cloud Security Governance & Guardrails
    • Design, implement, and enforce security baselines and preventative guardrails across AWS and Azure environments.
    • Develop governance frameworks leveraging:
      • AWS Organizations
      • Service Control Policies (SCPs)
      • AWS Control Tower
      • Azure Policy
      • Azure Landing Zones
    • Ensure alignment with internal security standards, regulatory requirements, and industry best practices.
    SIEM, Monitoring & Logging Architecture
    • Design and optimize multi-cloud logging and monitoring strategies.
    • Build scalable telemetry pipelines integrating:
      • AWS CloudTrail
      • Amazon GuardDuty
      • Azure Activity Logs
      • Microsoft Defender for Cloud
    • Enable centralized visibility through enterprise SIEM platforms such as:
      • Microsoft Sentinel
      • Splunk
    • Support real-time threat detection, correlation, investigation, and alerting capabilities.
    Endpoint & Workload Protection
    • Define architecture and deployment strategies for:
      • EDR/XDR solutions
      • Cloud Workload Protection Platforms (CWPP)
    • Secure virtual machines, containers, Kubernetes environments, and serverless workloads across cloud platforms.
    • Collaborate with Security Operations teams to enhance threat detection and response.
    Vulnerability & Security Posture Management
    • Implement and optimize Cloud Security Posture Management (CSPM) capabilities.
    • Establish enterprise vulnerability management processes across cloud assets.
    • Enable continuous security scanning for:
      • Cloud misconfigurations
      • Infrastructure vulnerabilities
      • Container images
      • Operating systems
    • Develop automated remediation workflows and security playbooks.
    Identity & Access Security
    • Design and enforce Zero-Trust security principles.
    • Strengthen Identity and Access Management (IAM) governance across cloud platforms.
    • Implement:
      • Just-In-Time (JIT) access
      • Privileged Access Management (PAM)
      • Role-Based Access Control (RBAC)
      • Federated identity solutions
    • Partner with security stakeholders to reduce privileged access risks.
    Security Technology Integration
    • Evaluate, deploy, and govern best-in-class cloud security technologies.
    • Integrate third-party security platforms including:
      • CyberArk
      • Wiz
      • Palo Alto Prisma Cloud
      • CrowdStrike
      • Other strategic security tooling
    • Drive consistent security controls and operational excellence across the cloud ecosystem.

REQUIRED QUALIFICATIONS:

  • Extensive experience designing and securing enterprise-scale AWS and Azure environments.Deep knowledge of cloud-native security services, controls, and governance frameworks.Hands-on expertise with:
    • SIEM platforms
    • EDR/XDR technologies
    • Vulnerability management solutions
    • CSPM tools
    Strong experience implementing:
    • Azure Policy
    • AWS Control Tower
    • Service Control Policies (SCPs)
    • Cloud governance frameworks
    Advanced Infrastructure as Code (IaC) skills, particularly with Terraform.Experience embedding security controls into CI/CD and cloud deployment pipelines.Strong understanding of:
    • Modern cyber threats
    • MITRE ATT&CK framework
    • Cloud attack vectors
    • Security monitoring and incident response processes
    Proven ability to collaborate effectively with:
    • Cloud Engineering teams
    • Security Operations Centers (SOC)
    • Risk, Compliance, and Audit functions
    Excellent stakeholder management and communication skills.

We offer a flexible collaboration model based on a B2B contract, with the opportunity to work on diverse projects.

Recruitment Process:

  1. HR Interview with the recruiter
  2. Technical Interview
  3. Client Interview 
  4. Feedback and offer

#LI-HYBRID

Skills Required

  • Poland-based candidate (location requirement)
  • Extensive experience designing and securing enterprise-scale AWS and Azure environments
  • Hands-on expertise with SIEM platforms (e.g., Microsoft Sentinel, Splunk)
  • Hands-on experience with EDR/XDR and endpoint/workload protection solutions
  • Experience implementing and operating vulnerability management and CSPM tools
  • Strong experience implementing Azure Policy, AWS Control Tower and Service Control Policies (SCPs)
  • Advanced Infrastructure as Code (IaC) skills, particularly Terraform
  • Experience embedding security controls into CI/CD and cloud deployment pipelines
  • Strong understanding of modern cyber threats, cloud attack vectors and MITRE ATT&CK
  • Experience securing VMs, containers, Kubernetes and serverless workloads across cloud platforms
  • Experience with identity and access security: Zero Trust, IAM governance, JIT, PAM, RBAC, federated identity
  • Proven ability to collaborate with Cloud Engineering, SOC, Risk, Compliance and Audit functions
  • Excellent stakeholder management and communication skills

What the Team is Saying

Sarvani
Michael
Josh
Marina
Dreidel
Maud
Lydia
Chris

Capco Compensation & Benefits Highlights

  • Healthcare Strength Health, dental, and vision coverage are described as solid with low copays and a good variety of choices, complemented by mental‑health resources, an EAP, and wellbeing events. Company materials emphasize global availability of these supports.
  • Parental & Family Support Enhanced maternity, paternity, adoption, and shared parental leave are highlighted, with several months of maternity leave noted in the U.S. in some accounts. Additional paid leave is called out for life events such as pregnancy loss, fertility treatment, menopause, and bereavement.
  • Wellbeing & Lifestyle Benefits A global wellbeing program, coaching/mentoring, mental‑health initiatives, and wellness reimbursements (e.g., gym, fitness) are positioned as core parts of the offering. Flexible working is emphasized alongside regionally tailored wellbeing events.

Capco Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: London
6,000 Employees
Year Founded: 1998

What We Do

Capco, a Wipro company, is a global management and technology consultancy specializing in driving transformation in the energy and financial services industries. Capco operates at the intersection of business and technology by combining innovative thinking with unrivalled industry knowledge to fast-track digital initiatives for banking and payments, capital markets, wealth and asset management, insurance, and the energy sector. Capco’s cutting edge ingenuity is brought to life through its award-winning Be Yourself At Work culture and diverse talent. TRUSTED ADVISORS - Our collaborative and entrepreneurial approach position us as trusted long-term partners to our clients. DEEP EXPERTISE - Clients look to us for clear guidance, proven expertise, and the support they need to set their companies up for success. DISRUPTIVE SOLUTIONS- We do not provide off -the-shelf answers to clients’ challenges. Instead, we work in close collaboration to understand the issues, and craft disruptive, bespoke solutions. ACCOUNTABILITY AND OWNERSHIP - We recognize every client has distinct needs and expectations, and we take ownership and accountability for the solutions we design, build, and deliver.

Why Work With Us

We support and encourage an inclusive culture, entrepreneurial outlook and independent thinking. Capco is not about organizational charts and rigid hierarchies – we want all employees to feel that Capco is their firm to own and run. We believe diversity powers innovation. Be Yourself At Work (#BYAW) is an integral and underlying part of our culture

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Capco Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Not Specified
Company Office Image
HQLondon, GB
Company Office Image
Bengaluru, Karnataka
Company Office Image
Bengaluru, Karnataka
Company Office Image
Berlin, DE
Company Office Image
Bratislava, SK
Company Office Image
Brussels, BE
Company Office Image
Charlotte, NC
Company Office Image
Chicago, IL
Company Office Image
Dallas, TX
Company Office Image
Düsseldorf, DE
Company Office Image
Edinburgh, GB
Company Office Image
Frankfurt am Main, DE
Company Office Image
Geneva, CH
Company Office Image
Houston, TX
Company Office Image
Kuala Lumpur, MY
Company Office Image
Milan, IT
Company Office Image
Mumbai, IN
Company Office Image
New York, NY
Company Office Image
Orlando, FL
Company Office Image
Paris, FR
Company Office Image
Singapore, SG
Company Office Image
Toronto, Ontario
Company Office Image
Vienna, AT
Company Office Image
Zürich, CH
Learn more

Similar Jobs

Capco Logo Capco

Devsecops Engineer

Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Remote or Hybrid
Poland
6000 Employees

Capco Logo Capco

Devsecops Engineer

Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Remote or Hybrid
Poland
6000 Employees

Capco Logo Capco

Business Analyst

Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Remote or Hybrid
Poland
6000 Employees

Capco Logo Capco

Consultant

Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Remote or Hybrid
Poland
6000 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account