Cloud Security Architect FFIEC and NIST CSF -Dallas, TX -Hybrid or Remote in the U.S.

Cloud Security Architect FFIEC and NIST CSF -Dallas, TX -Hybrid or Remote in the U.S.

FinTrust Connect Dallas TX Hybrid or Remote in the U.S.

Share Your Resume and Build Your Future!

Join our Talent Community for Dallas and the Texas finance and tech corridor. Local demand favors architects who can stand up compliant landing zones and translate FFIEC and NIST CSF controls into working cloud designs across Azure and AWS.

As a Cloud Security Architect you will design and evolve secure cloud platforms for regulated workloads. You will lead control mapping to FFIEC guidance and NIST CSF 2.0, build landing zones with policy and guardrails as code, and enable continuous assurance across identity, data, and logging.

Requirements:

• 7 to 12 years in security architecture with recent cloud platform depth
• Proven delivery on Azure and or AWS IAM and identity governance and encryption and key management and logging and monitoring
• Landing zone design and enablement subscriptions and accounts network segmentation baseline policies and controls cost, and tag strategy logging and threat detection IaC with Terraform or Bicep and Git based workflows
• Familiarity with FFIEC expectations and NIST CSF 2.0 and CIS Critical Security Controls and ISO 27001
• Hands on with one or more tools Microsoft Defender for Cloud and Sentinel and Entra and PIM and Azure Policy and Monitor or AWS Control Tower and GuardDuty and Security Hub and IAM Access Analyzer and Organizations
• Evidence ready documentation for audit and exams

Responsibilities:

• Architect Azure and or AWS landing zones for financial services with identity network data and logging baselines. Enable policy as code secrets and key rotation
• Map FFIEC and NIST CSF controls to platform capabilities. Produce solution patterns and control narratives that exam teams can verify
• Implement monitoring and detection cloud native telemetry into SIEM. Tune detections and dashboards for coverage and mean time to detect and mean time to respond
• Mentor platform and app teams on zero trust private access and least privilege designs
• Run tabletop exercises with audit and risk for incident and recovery scenarios

Outcomes we track:

• Control coverage 95% across in scope cloud services within 90 days

• Privileged access reviews 100% evidenced quarterly

• Critical findings remediated 100% within agreed SLAs

• Exam and audit RFIs answered 100% on time with complete evidence

Compensation and terms:

• Consultant pay $120 to $179 per hour based on platform and regulatory depth
• Contract, Hybrid, Dallas, TX or Remote 
• US W2 or 1099

Multiple openings for national pods

How to apply

• Apply on our site FinTrust Careers

• Or email talent@FinTrustConnect.com with subject [Apply] Cloud Security Architect Dallas

• Follow FinTrust Connect on LinkedIn

Keywords
Cloud Security Architect, FFIEC, NIST CSF 2.0, Azure Landing Zone, AWS Control Tower, IAM, PIM, Entra, KMS, Key Vault, Logging, SIEM, Microsoft Sentinel, Defender for Cloud, GuardDuty, Terraform, Bicep, Policy as Code, Zero Trust, Data Protection, Audit Evidence, Dallas