Principal Cloud Security Architect

Career Category

Job Description

Join Amgen’s Mission of Serving Patients

At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do.

Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives.

Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.

Principal Cloud Security Architect

What you will do

Let’s do this. Let’s change the world. In this vital role you will develop and implement the organization’s information security strategy to protect data, systems, and networks from potential threats and designing and implementing the organization’s security architecture, ensuring that all systems, applications, and networks are protected against threats. This role involves working closely with IT and development teams to integrate security into every aspect of the technology stack. This role involves coordinating architectural support for the Cloud Security domain, supporting the Functional and Enterprise Architectural Review process, handling risk, and ensuring compliance with relevant regulations and standards. The ideal candidate has strong leadership skills, deep knowledge of cybersecurity practices, and experience in handling large-scale security programs.

Job Responsibilities

• Design and implement a comprehensive information security strategy aligned with the organization’s business goals
• Develop and maintain the organization’s security architecture, ensuring that it meets current and future security requirements
• Assess and select security technologies and tools that align with the organization’s security strategy
• Own the information security team, providing guidance, support, and mentoring to ensure the efficiency of security operations
• Perform threat modeling and risk assessments to identify and mitigate potential security risks
• Review and approve configurations for systems, networks, and applications to ensure that they meet security standards
• Directly responsible for crafting, implementing and maintaining reusable architectural security design patterns that protect Amgen business systems
• Accountable as the Cloud Security Domain architect to establish domain reference architecture mapping security capabilities, process and technology
• Continuously assesses cloud security risk and threat landscape, identifies security control gaps and develops business technology strategies that materially addresses risk and reinforce departmental investments
• Handles and maintains current architectural plans, engineering blueprints and CDT reference architecture in system of record
• Accountable for leading, supporting, crafting, developing, testing, integrating and deploying security technologies and or capabilities including but not limited to Cloud Security Posture Management, Cloud Workload Protection, Web Application Security, Container scanning, Data Security Posture Management, Cloud Security standard methodologies
• Collaborates multi-functionally across infrastructure teams, end user support teams, security operations, vulnerability management, network security, data security, digital forensics, endpoint security, cloud security and application security throughout the SDLC to deliver secure and compliant systems
• Provides proactive recall and timely response support for cyber events and investigations
• Participates as domain authority in support of corporate cyber and InfoSec audit activities
• Responsible for leading the development and publication of Security Configuration Baseline (SCB) standards related to cloud operations
• Define, provide, and improve measurement and analysis on the assigned services including the use of appropriate applications and tools for reporting
• Develop or participate in the development of cases and presentations on information security technologies of interest to Amgen
• Advise project teams, application owners, and other Information Security teams on information security controls, policies and standards
• Serves as a functional collaborator with the Enterprise Architecture team to assess system designs and functionality against existing reusable patterns under the provisions of Amgen City Plan program
• Establish and maintain approved security patterns, methods and reusable elements to expedite solutions attestation and approval throughout SDLC
• Perform security design consulting in support of projects including participation in security architecture reviews as necessary
• Collaborate multi-functionally with analysts, engineers, data scientists to achieve continuous improvement in cloud security, compliance and resilience.
• Domestic and International travel up to 10%.

What we expect of you

We are all different, yet we all use our unique contributions to serve patients.

Basic Qualifications:

Master’s degree and 8 to 10 years of Information Systems and/or Computer Science experience OR

Bachelor’s degree and 10 to 14 Information Systems and/or Computer Science experience OR

Diploma and 14 to 18 years of Information Systems and/or Computer Science experience

Preferred Qualifications:

• Deep knowledge and understanding of Service Management strategy and operations, cybersecurity frameworks; cloud security processes, technologies, and standard methodologies
• Experience in risk management, incident response, and security governance
• Strong knowledge of security architecture frameworks and principles
• Solid understanding of common software and web application security vulnerabilities

Good-to-Have Skills:

• Experience with network security, endpoint protection, and incident response
• Proficiency in scripting and automation (e.g., Python, Bash) is a plus

Professional Certifications (please mention if the certification is preferred or mandatory for the role):

• CompTIA Security+ (Mandatory)
• CompTIA Network+(Mandatory)
• AWS Certified Security-0Specialty (Mandatory)
• CISSP (preferred)
• TOGAF (preferred)
• AWS Certified Solutions Developer (Preferred)
• Microsoft Certified: Azure Security Engineer (Preferred)
• Microsoft Certified: Cybersecurity Architect Expert (Preferred)
• Google Cloud Security Engineer (Preferred)
• Google Cloud Architect (Preferred)

What you can expect of us

As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way.

In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Apply now

for a career that defies imagination

Objects in your future are closer than they appear. Join us.

careers.amgen.com