Cloud Network Security Architect - AWS / Zero Trust

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world.

About The Job You're Considering

The Cloud Network Security Architect is responsible for designing, implementing, and governing secure cloud network architectures across hybrid and multi‑cloud environments. This role ensures the confidentiality, integrity, and availability of enterprise systems by defining security‑by‑design network frameworks aligned with business, compliance, and risk management objectives.

Your Role

• Enterprise Zero Trust Network Architect: implement Zero Trust network architecture, including segmentation, least-privilege access, and consistent policy enforcement across users, workloads, and services in hybrid environments.  
• Network Security Design: Design and validate secure on-prem and cloud networking patterns (VPC/VNet, subnets, routing, TGW/peering, ingress/egress) using cloud-native controls and enterprise platforms.  
• Cross-Functional Requirements & Architecture Translation: Partner with application/platform/infrastructure teams to capture connectivity and security requirements (ports/protocols, data flows, trust boundaries) and translate them into actionable security architectures.  
• Firewall & Segmentation Strategy Owner: Define and standardize firewall policies and segmentation models, providing clear guidance on use of Palo Alto/Prisma vs. cloud-native mechanisms (SG/NSG, NACLs, route controls).  
• Architecture Governance & Adoption : Lead design reviews, threat modeling, and exception handling; produce and maintain standards, reference designs, and architecture decision records to drive secure-by-design outcomes.  
• Operational Enablement & Continuous Improvement: Collaborate with perimeter defense/SecOps to streamline rule discovery, risk review, approvals, and deployments (including automation); support troubleshooting and optimization for performance and resiliency.

Your Skills And Experience

• 10+ years of experience in network and security architecture, with strong focus on cloud platforms.
• Deep expertise in cloud networking concepts: routing, DNS, load balancing, NAT, private connectivity, and network segmentation.
• Hands‑on experience securing AWS and/or Azure networking services (VPC/VNet, Gateway, Firewall, Private Link, NSGs, Route Tables).
• Strong understanding of network security technologies: firewalls, WAF, IDS/IPS, DDoS, proxy, and micro‑segmentation.
• Experience implementing zero‑trust and identity‑centric network access models.
• Proficiency with Infrastructure as Code and automation tools (Terraform, Ansible, CloudFormation).
• Solid understanding of TCP/IP, BGP, IPSec, TLS, and network encryption mechanisms.
• Experience working in regulated and compliance‑driven environments.
• Cloud certifications (AWS Certified Security – Specialty, Azure Security Engineer, CCSP).
• Experience with multi‑cloud or large‑scale cloud migration programs.
• Knowledge of SASE, CASB, and secure access service edge architectures.
• Familiarity with SIEM/SOAR and security monitoring integrations.
• Experience supporting DevSecOps and CI/CD security integration.

The base compensation range for this role in the posted location is: $94,248 - $215,050 .

Capgemini provides compensation range information in accordance with applicable national, state, provincial, and local pay transparency laws. The base compensation range listed for this position reflects the minimum and maximum target compensation Capgemini, in good faith, believes it may pay for the role at the time of this posting. This range may be subject to change as permitted by law.

The actual compensation offered to any candidate may fall outside of the posted range and will be determined based on multiple factors legally permitted in the applicable jurisdiction.

These may include, but are not limited to: Geographic location, Education and qualifications, Certifications and licenses, Relevant experience and skills, Seniority and performance, Market and business consideration, Internal pay equity.

It is not typical for candidates to be hired at or near the top of the posted compensation range.

In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws.

Capgemini offers a comprehensive, non-negotiable benefits package to all regular, full-time employees. In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include: 

• Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave

• Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
• Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
• Life and disability insurance
• Employee assistance programs
• Other benefits as provided by local policy and eligibility

Important Notice: Compensation (including bonuses, commissions, or other forms of incentive pay) is not considered earned, vested, or payable until it becomes due under the terms of applicable plans or agreements and is subject to Capgemini’s discretion, consistent with applicable laws. The Company reserves the right to amend or withdraw compensation programs at any time, within the limits of applicable legislation.

Disclaimers

Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. Capgemini also participates in the Partnership Accreditation in Indigenous Relations (PAIR) program which supports meaningful engagement with Indigenous communities across Canada by promoting fairness, accessibility, inclusion and respect.  We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Click the following link for more information on your rights as an Applicant in the United States.  

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.