Job Description for CSPM / CNAPP Profile
Role Summary
The CSPM/CNAPP Architect is responsible for designing, implementing, and governing cloud security strategies across multi-cloud environments. This role ensures continuous security posture management, workload protection, and compliance using CNAPP platforms that integrate CSPM, CWPP, CIEM, and DevSecOps capabilities.
Key Responsibilities
- Design secure architectures for AWS, Azure, and GCP environments
- Define security guardrails, policies, and reference architectures
- Lead zero-trust and least-privilege access strategies
- Deploy and manage CSPM/CNAPP tools (e.g., Prisma Cloud, Wiz, Microsoft Defender for Cloud)
- Monitor misconfigurations, compliance violations, and risks
- Automate remediation workflows
- Embed security into CI/CD pipelines
- Implement shift-left security practices
- IaC scanning (Terraform, CloudFormation, etc.)
- Secure containers, Kubernetes, and serverless workloads
- Implement runtime protection and vulnerability management
- Protect APIs and microservices architectures
- Ensure compliance with frameworks (ISO 27001, SOC 2, NIST, CIS benchmarks)
- Conduct risk assessments and threat modeling
- Create dashboards and executive reporting
- Implement CIEM (Cloud Infrastructure Entitlement Management)
- Analyze excessiv