Cloud Security Architect FFIEC and NIST CSF -Dallas, TX -Hybrid or Remote in the

Cloud Security Architect FFIEC and NIST CSF -Dallas, TX -Hybrid or Remote in the U.S.FinTrust Connect Dallas TX Hybrid or Remote in the U.S.Share Your Resume and Build Your Future! Join our Talent Community for Dallas and the Texas finance and tech corridor. Local demand favors architects who can stand up compliant landing zones and translate FFIEC and NIST CSF controls into working cloud designs across Azure and AWS.As a Cloud Security Architect you will design and evolve secure cloud platforms for regulated workloads. You will lead control mapping to FFIEC guidance and NIST CSF 2.0, build landing zones with policy and guardrails as code, and enable continuous assurance across identity, data, and logging.Requirements:7 to 12 years in security architecture with recent cloud platform depthProven delivery on Azure and or AWS IAM and identity governance and encryption and key management and logging and monitoringLanding zone design and enablement subscriptions and accounts network segmentation baseline policies and controls cost, and tag strategy logging and threat detection IaC with Terraform or Bicep and Git based workflowsFamiliarity with FFIEC expectations and NIST CSF 2.0 and CIS Critical Security Controls and ISO 27001Hands on with one or more tools Microsoft Defender for Cloud and Sentinel and Entra and PIM and Azure Policy and Monitor or AWS Control Tower and GuardDuty and Security Hub and IAM Access Analyzer and OrganizationsEvidence ready documentation for audit and examsResponsibilities:Architect Azure and or AWS landing zones for financial services with identity network data and logging baselines. Enable policy as code secrets and key rotationMap FFIEC and NIST CSF controls to platform capabilities. Produce solution patterns and control narratives that exam teams can verifyImplement monitoring and detection cloud native telemetry into SIEM. Tune detections and dashboards for coverage and mean time to detect and mean time to respondMentor platform and app teams on zero trust private access and least privilege designsRun tabletop exercises with audit and risk for incident and recovery scenariosOutcomes we track:Control coverage 95% across in scope cloud services within 90 daysPrivileged access reviews 100% evidenced quarterlyCritical findings remediated 100% within agreed SLAsExam and audit RFIs answered 100% on time with complete evidenceCompensation and terms:Consultant pay $120 to $179 per hour based on platform and regulatory depthContract, Hybrid, Dallas, TX or Remote US W2 or 1099Multiple openings for national podsHow to applyApply on our site FinTrust CareersOr email talent@FinTrustConnect.com with subject [Apply] Cloud Security Architect DallasFollow FinTrust Connect on LinkedInKeywords Cloud Security Architect, FFIEC, NIST CSF 2.0, Azure Landing Zone, AWS Control Tower, IAM, PIM, Entra, KMS, Key Vault, Logging, SIEM, Microsoft Sentinel, Defender for Cloud, GuardDuty, Terraform, Bicep, Policy as Code, Zero Trust, Data Protection, Audit Evidence, DallasOriginally posted on Himalayas