Overview

We are seeking a full-time Cloud Security Architect (Cyber Architecture) in our Olathe, KS location. In this role you will be responsible for the design and evangelizing of Garmin’s cloud cybersecurity services. This individual will have a strong background in Cloud information security practices and services and an understanding of the threats to enterprise environments. They will evaluate the threat landscape, identify risks to the organization, and enhance Garmin’s capabilities to protect, detect, respond, and recover from security incidents. This role will drive collaboration across cybersecurity teams and will partner with Garmin business segments as a trusted advisor to ensure services are secure. This individual will also play a key role in business projects, cyber thought leadership, and providing technical guidance during security incidents.

Essential Functions

• Define Security Architecture: Develop the overall design of secure public and private cloud infrastructure tailored to the organization’s needs (e.g., AWS, Azure, GCP)
• Secure Design Patterns: Create and enforce patterns for network segmentation, access control, and system isolation
• Select Appropriate Security Models: Experienced with concepts and implementation of zero trust principles in a business environment
• Evaluate Threat Landscape: Identify and assess cloud-specific risks (e.g., data breaches, misconfigurations, DDoS) and vulnerabilities related to cloud services
• Prioritize Risks: Work with the risk management team to rank risks based on potential business impact and likelihood. Partner with business stakeholders to accelerate remediation
• Design IAM Architecture: Collaborate with the IAM teams to design the strategy for identity and access management, focusing on role-based access, least privilege principles, and MFA
• IAM Policy Design: Collaborate with the IAM teams to develop and enforce policies around access control, authentication, and authorization, ensuring secure access across all cloud resources
• Establish Security Baselines: Partner with Cyber, Cloud Services, and business stakeholders to define security baselines, standards, and policies that must be followed for every cloud deployment
• Security Controls Implementation Guidance: Provide clear guidance on the implementation of controls such as firewalls, encryption, and logging through policy and standard
• Development Platform Integration: Collaborate with product IT engineering teams to integrate security practices throughout in the software development lifecycle (SDLC)
• Security as Code: Advocate for the use of infrastructure as code (IaC) with security guardrails to automate security controls in cloud and on-premises
• Design Security Monitoring: Partner with Cyber engineering and Cyber operations teams to ensure the architecture for continuous monitoring, log management, and anomaly detection in cloud environments is effective and scalable
• Incident Response Framework: Review and provide input to the high-level incident response plan, ensuring it’s effective in cloud environments with a focus on breach containment, recovery, and investigation
• Evaluate Security Solutions: Select and integrate the appropriate cloud-native and third-party security tools such as Cloud-Native Application Protection Platform (CNAPP) and Cloud Security Posture Management (CSPM)
• Cloud Security Automation: Identify areas for automation, including security testing and deployment of security configurations
  
  
  

Basic Qualifications

• Bachelor’s Degree in Computer Science, Information Technology, Management Information Systems, Business or another related field AND a minimum of 15 years relevant experience OR an equivalent combination of education and relevant experience
• Demonstrated strong and effective verbal, written, and interpersonal communication skills in a large team or departmental setting
• Experience interacting and influencing associates at all levels of an organization, from individual contributor to senior executive.
• Strong mastery of industry best standards and practices for public and private clouds
• Experienced with security and operational services, technologies and products offered by AWS or Azure. Both is highly desired
  
  
  

Desired Qualifications

• Significant hands-on experience deploying, managing, and securing resources in one or more major public cloud providers
• Solid understanding of application development and the tools used to develop, deploy, and secure application code
• Experience with managing and securing modern IdP platforms (Entra ID, Okta, etc.)
• Experience with services and tools used to provide layered security to enterprise environments such as email security, firewalls, endpoint protection, and edge security services
• Deep understanding of the broad range of infrastructure services that support an organization such as storage, networking, virtualization, databases, and operating systems
  
  
  

Garmin International is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran’s status, age or disability.

This position is eligible for Garmin's benefit program. Details can be found here: Garmin Benefits