10871 - Cloud Security Architect "SAE"

Hyundai Autoever America•Irvine, CA

About The Position

Cloud Security Architect Location – Irvine, CA Company Overview Hyundai AutoEver America (HAEA) , the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting-edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis. HAEA offers a truly global and collaborative environment. Here, you’ll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group. At HAEA, we understand that IT is the cornerstone of today’s fast-evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top-quality solutions while serving as the crucial information link between Hyundai’s Global Headquarters and North American operations. If you’re passionate about technology and eager to make a real impact at a world-class company, Hyundai AutoEver America is the place to grow your career. Join us and be part of the transformation that’s driving the future of automotive innovation. What You Will Be Doing The Cloud Security Architect is responsible for defining, evolving, and governing the enterprise Cloud Security Architecture across all cloud service providers. This role sits within the Security Architecture and Engineering organization and serves as the technical authority for cloud security design, standards, and patterns across AWS, Azure, and GCP. The architect owns the strategic direction of the Cloud Security Standard, ensures consistent security logging and monitoring architecture, and defines the organization’s approach to Cloud Security Posture Management (CSPM) at scale. This role partners closely with Cloud Engineering, Platform, Application, and Security Operations teams to ensure secure-by-design cloud adoption without impeding delivery velocity. The key responsibilities of this role are as described below: Cloud Security Architecture & Strategy Define and maintain the Cloud Security Architecture for AWS, Azure, and GCP environments. Establish secure reference architectures, design patterns, and guardrails for: Identity and access management Network segmentation and connectivity Data protection and encryption Workload and platform security Translate threat models, risk requirements, and business needs into actionable cloud security architecture. Cloud Security Standards Ownership Own the Cloud Security Standard across all cloud providers, including: Strategic direction Technical depth and consistency Lifecycle management and iteration Ensure the standard is: Provider-aware yet provider-agnostic where possible Aligned with evolving cloud services and architectures Consistently adopted through design reviews, patterns, and automation Provide architectural guidance and risk issue and exceptions analysis as part of the Risk Operation Processes, when deviations are required. Logging, Monitoring & Detection Architecture Define the cloud logging and monitoring architecture across AWS, Azure, and GCP. Ensure cloud-native and security-relevant logs are: Standardized across providers Reliably ingested into centralized log management and SIEM platforms Structured to support detection engineering, incident response, and forensic analysis Partner with Security Operations to align logging architecture with detection and response use cases. Cloud Security Posture Management (CSPM) Architecture Define the organization’s CSPM strategy and architecture across multi-cloud environments. Establish: CSPM policy baselines Risk-based prioritization models Integration patterns with risk and remediation workflows Ensure CSPM capabilities scale with cloud adoption and provide meaningful security signal rather than noise. Guide engineering teams on remediation patterns and sustainable control implementation. Cross-Functional Influence & Governance Act as a trusted security architecture advisor to: Customers Cloud Platform and Infrastructure teams Application and DevOps teams Integrated Risk Management and Audit partners Lead cloud security design reviews and architecture discussions. Support risk assessments, audits, and regulatory inquiries related to cloud security architecture. Basic Qualifications:

Requirements

10+ years of experience in Cloud Security, Security Architecture, or Cloud Infrastructure, with significant architecture responsibility.
Deep hands-on experience designing secure architectures in AWS, Azure, and GCP.
Demonstrated experience defining and governing Cloud Security Standards.
Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field.
Strong experience architecting cloud logging pipelines and SIEM integrations for security operations.
Proven expertise designing and operating Cloud Security Posture Management (CSPM) at enterprise scale.
Strong understanding of Cloud-native security services, Identity, networking, and data protection in cloud environments, and Cloud threat models and attack paths.
Strong troubleshooting and collaboration skills.
Excellent stakeholder management and communication skills.
Proficient in English for effective communication and coordination.

Nice To Haves

Hands on experience with CSPM tools such as Prisma Cloud, Wiz, Lacework or similar.
Architecture experience in large-scale, multi-cloud enterprise environments.
A working understanding of cloud security frameworks and benchmarks (e.g. CIS).
Masters degree in Cybersecurity, Information Technology, Computer Science or a related discipline is preferred.
Industry-recognized credentials such as CISSP, CISM, or cloud specific certifications for AWS, Azure or GCP security are highly desirable.
Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication.

Responsibilities

Define and maintain the Cloud Security Architecture for AWS, Azure, and GCP environments.
Establish secure reference architectures, design patterns, and guardrails for: Identity and access management Network segmentation and connectivity Data protection and encryption Workload and platform security
Translate threat models, risk requirements, and business needs into actionable cloud security architecture.
Own the Cloud Security Standard across all cloud providers, including: Strategic direction Technical depth and consistency Lifecycle management and iteration
Ensure the standard is: Provider-aware yet provider-agnostic where possible Aligned with evolving cloud services and architectures Consistently adopted through design reviews, patterns, and automation
Provide architectural guidance and risk issue and exceptions analysis as part of the Risk Operation Processes, when deviations are required.
Define the cloud logging and monitoring architecture across AWS, Azure, and GCP.
Ensure cloud-native and security-relevant logs are: Standardized across providers Reliably ingested into centralized log management and SIEM platforms Structured to support detection engineering, incident response, and forensic analysis
Partner with Security Operations to align logging architecture with detection and response use cases.
Define the organization’s CSPM strategy and architecture across multi-cloud environments.
Establish: CSPM policy baselines Risk-based prioritization models Integration patterns with risk and remediation workflows
Ensure CSPM capabilities scale with cloud adoption and provide meaningful security signal rather than noise.
Guide engineering teams on remediation patterns and sustainable control implementation.
Act as a trusted security architecture advisor to: Customers Cloud Platform and Infrastructure teams Application and DevOps teams Integrated Risk Management and Audit partners
Lead cloud security design reviews and architecture discussions.
Support risk assessments, audits, and regulatory inquiries related to cloud security architecture.