Cloud Security Architect
Location: Chicago, IL (Hybrid)
About HDI Global Insurance Company
HDI Global Insurance Company is a commercial property and casualty insurer headquartered in Chicago, IL. As a wholly owned subsidiary of HDI Global SE, we manage the industrial lines division of the Talanx Group. Our extensive portfolio of products and services, combined with an international network of local insurers, enables us to offer comprehensive domestic and global insurance solutions for U.S.-based multinational companies.
The Cloud Security Architect is a senior, hands-on technical leader responsible for designing, engineering, and governing secure cloud infrastructure across HDI Global Insurance Company’s Azure and AWS environments. Operating within a highly regulated insurance carrier environment subject to NYDFS 23 NYCRR 500, NAIC Insurance Data Security Model Law, GLBA Safeguards Rule, SOC 2, NIST CSF 2.0, DORA, and BAFN, this role ensures that cloud platforms are secure-by-design, resilient, audit-ready, and aligned with enterprise risk management and global IT strategy.
This position partners closely with Enterprise Architecture, IT Governance, Risk & Compliance, Application Development, Service Operations, and Global IT to operationalize secure cloud landing zones, identity architecture, Kubernetes security, encryption strategy, detection engineering, and regulatory-aligned control frameworks. The Cloud Security Architect serves as a key control engineering authority within HDI’s Information Security Program, ensuring alignment with the company’s Information Security Policy and IT Risk Management Framework.
Key Responsibilities
- Architect secure multi-subscription Azure and multi-account AWS landing zones for Data Resiliency and Recovery.
- Design and enforce VNet/VPC segmentation and hybrid connectivity controls.
- Implement Zero Trust network ingress/egress architectures (WAF, firewalls, private endpoints).
- Engineer enterprise cloud IAM aligned to least privilege and just-in-time access.
- Secure privileged access, break-glass controls, and MFA/FIDO2 authentication enforcement.
- Embed policy-as-code and automated security validation into CI/CD pipelines.
- Familiarity with AKS/EKS environments with RBAC, network policies, and image scanning.
- Design enterprise key management and encryption-at-rest/in-transit controls.
- Implement CSPM/CNAPP and centralized cloud logging integrated to SIEM.
- Support regulatory examinations and produce control evidence aligned to NYDFS, NAIC, GLBA, DORA, BAFN and NIST CSF 2.0.
Qualifications and Experience
- 7+ years in cloud security, infrastructure architecture, or cloud engineering.
- 3+ years designing secure Azure and/or AWS production environments.
- Deep expertise in VNet/VPC architecture and secure hybrid networking.
- Strong experience with cloud-native IAM and privileged identity management.
- Hands-on knowledge of Terraform, Bicep, or CloudFormation.
- Experience working with Kubernetes and containerized workloads.
- Strong understanding of encryption, key management, and data protection controls.
- Knowledge of cloud threat detection, logging, and SIEM integration.
- Experience operating in regulated insurance, banking, or financial services environments.
- Professional certifications such as AZ-305, AZ-500, CCSP, AWS Security Specialty, or CKS preferred.
Compensation and Benefits
Base salary range for this position is 100,000-140,000, plus eligibility for a performance-based annual bonus. Actual compensation will be based on a variety of factors including experience, education, and location.
We offer a competitive benefits package, including: 401(k) with company match, Paid Time Off, Sick Leave, Medical, Health Reimbursement Arrangement (HRA), Telemedicine, Wellness Program, Employee Assistance Program (EAP), Dental, Vision, Accident & Critical Illness Insurance, Flexible Spending Account (FSA), Dependent Care FSA, Group and Voluntary Life Insurance, Short- and Long-Term Disability, Pet Insurance, Transit and Parking benefits.
Additional Information
- HDI Global Insurance Company is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, national origin, age, sex, marital status, ancestry, disability, veteran status, gender identity, or sexual orientation.
- Applicants must be legally authorized to work in the United States.
- Recruitment Agencies: All resumes submitted without prior HR authorization will be considered unsolicited.
- HDI Global Insurance Company is an Equal Opportunity Employer and participates in E-Verify.
- Attention California Applicants: Click here to view HDI's California Personnel Privacy Notice