H-1B Visa Cloud Security Architect Jobs
Cloud Security Architect roles qualify as H-1B visa specialty occupations under the SOC 15-1212 classification, requiring at least a bachelor's degree in computer science, information security, or a related field. Employers in financial services, healthcare technology, and cloud-native firms are among the most active H-1B sponsors for this role.
Find H-1B Visa Cloud Security Architect JobsOverview
Showing 5 of 94+ Cloud Security Architect jobs
See all 94+ Cloud Security Architect Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Cloud Security Architect roles.
Get Access To All JobsINTRODUCTION
Cloud Security Architect
Must Have Technical/Functional Skills
- Strong expertise in AWS cloud security architecture including IAM, KMS, GuardDuty, and CloudTrail.
- Deep understanding of AWS Landing Zone, SCPs, governance, and enterprise security guardrails.
- Experience with security for custom applications including vulnerability identification and remediation.
- Proficiency with VAPT tools such as Nessus, Qualys, Burp Suite, Fortify, and Checkmarx.
- Strong understanding of WAF, firewall management, IDS/IPS, and network segmentation.
- Knowledge of OS-level security for Windows Server 2016–2025 and RHEL 7/8/9.
- Familiarity with securing Java, .NET, TIBCO ESB, and integration-heavy workloads.
- Understanding of database security for Oracle 19c, Exadata on AWS, and SQL Server.
- Ability to apply Zero Trust, least privilege, encryption, and secure-by-design principles.
- Strong collaboration skills across infra, app, DB, network, and DevOps teams.
Roles & Responsibilities
- Lead cloud security architecture for the Data Center Exit migration to AWS EC2.
- Design and implement AWS Landing Zone security including IAM guardrails, SCPs, and logging.
- Conduct application and infra vulnerability assessments and define remediation plans.
- Implement WAF rules, firewall policies, secure segmentation, and endpoint protection.
- Validate authentication, authorization, and encryption models for all migrated workloads.
- Support secure deployment practices, code reviews, and remediation of development gaps.
- Integrate SIEM systems with AWS native security tools for continuous monitoring.
- Define and enforce cloud security baselines aligned with CIS, NIST, and ISO controls.
- Lead penetration testing cycles and coordinate mitigation activities.
- Produce security HLD/LLD, risk assessments, and operational security runbooks.
Cloud Experience Needed
- Hands-on experience designing secure AWS multi-account Landing Zones and guardrail policies.
- Strong understanding of EC2 security, IAM, encryption, and identity federation models.
- Integration knowledge for Oracle Exadata on AWS, SQL Server, and middleware security flows.
- Experience with AWS WAF, Shield, GuardDuty, Security Hub, and detective controls.
- Ability to design security for EKS workloads including pod/network policies and image scanning.
- Understanding of security in hybrid cloud migrations and AWS migration tooling.
Salary Range
$120,000-$140,000 a year
LOCATION
Irvine, CA
Job Function
TECHNOLOGY
Role
Technical Architect
Job Id
417479
Desired Skills
Cloud Security
Desired Candidate Profile
Qualifications: BACHELOR OF COMPUTER SCIENCE
INTRODUCTION
Cloud Security Architect
Must Have Technical/Functional Skills
- Strong expertise in AWS cloud security architecture including IAM, KMS, GuardDuty, and CloudTrail.
- Deep understanding of AWS Landing Zone, SCPs, governance, and enterprise security guardrails.
- Experience with security for custom applications including vulnerability identification and remediation.
- Proficiency with VAPT tools such as Nessus, Qualys, Burp Suite, Fortify, and Checkmarx.
- Strong understanding of WAF, firewall management, IDS/IPS, and network segmentation.
- Knowledge of OS-level security for Windows Server 2016–2025 and RHEL 7/8/9.
- Familiarity with securing Java, .NET, TIBCO ESB, and integration-heavy workloads.
- Understanding of database security for Oracle 19c, Exadata on AWS, and SQL Server.
- Ability to apply Zero Trust, least privilege, encryption, and secure-by-design principles.
- Strong collaboration skills across infra, app, DB, network, and DevOps teams.
Roles & Responsibilities
- Lead cloud security architecture for the Data Center Exit migration to AWS EC2.
- Design and implement AWS Landing Zone security including IAM guardrails, SCPs, and logging.
- Conduct application and infra vulnerability assessments and define remediation plans.
- Implement WAF rules, firewall policies, secure segmentation, and endpoint protection.
- Validate authentication, authorization, and encryption models for all migrated workloads.
- Support secure deployment practices, code reviews, and remediation of development gaps.
- Integrate SIEM systems with AWS native security tools for continuous monitoring.
- Define and enforce cloud security baselines aligned with CIS, NIST, and ISO controls.
- Lead penetration testing cycles and coordinate mitigation activities.
- Produce security HLD/LLD, risk assessments, and operational security runbooks.
Cloud Experience Needed
- Hands-on experience designing secure AWS multi-account Landing Zones and guardrail policies.
- Strong understanding of EC2 security, IAM, encryption, and identity federation models.
- Integration knowledge for Oracle Exadata on AWS, SQL Server, and middleware security flows.
- Experience with AWS WAF, Shield, GuardDuty, Security Hub, and detective controls.
- Ability to design security for EKS workloads including pod/network policies and image scanning.
- Understanding of security in hybrid cloud migrations and AWS migration tooling.
Salary Range
$120,000-$140,000 a year
LOCATION
Irvine, CA
Job Function
TECHNOLOGY
Role
Technical Architect
Job Id
417479
Desired Skills
Cloud Security
Desired Candidate Profile
Qualifications: BACHELOR OF COMPUTER SCIENCE
See all 94+ H-1B Visa Cloud Security Architect Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new H-1B Visa Cloud Security Architect Jobs.
Get Access To All JobsTips for Finding H-1B Visa Sponsorship in Cloud Security Architect
Align your credentials to SOC 15-1212
Cloud Security Architect maps to SOC code 15-1212 in O*NET. Make sure your resume and degree transcripts explicitly reflect the specialization USCIS expects for that classification, since mismatches between your stated role and SOC code are a common RFE trigger.
Check LCA filings before applying
Search the OFLC Wage Search for Labor Condition Application filings under 'Information Security Analysts' and 'Software Developers' to identify employers with active H-1B filing history for cloud security roles. This narrows your target list to verified sponsors, not just companies that claim to sponsor.
Use Migrate Mate to filter verified sponsors
On Migrate Mate, filter Cloud Security Architect listings by employers with confirmed LCA filing history. You'll skip the guesswork of cold-applying to companies that list sponsorship as a possibility but rarely follow through.
Document your architecture scope precisely
USCIS adjudicators scrutinize whether a Cloud Security Architect role truly requires a specialty-degree-level skill set. Your offer letter and supporting documentation should specify frameworks you'll own, like zero-trust design or CSPM tooling, not just general 'security oversight' language.
Ask employers about cap-exempt filing pathways
If you're approaching your sixth year on H-1B, target cap-exempt employers like universities or nonprofit research institutions that can file outside the annual lottery. This is especially relevant for cloud security roles embedded in research computing or federally funded infrastructure projects.
Request premium processing upfront in your offer negotiation
Premium processing upgrades USCIS adjudication to 15 business days. For Cloud Security Architect roles with a start date tied to a project launch or a compliance deadline, negotiate whether the employer will cover this fee before you accept the offer, not after.
H-1B Visa Cloud Security Architect: Frequently Asked Questions
Does a Cloud Security Architect role qualify as an H-1B specialty occupation?
Yes. Cloud Security Architect maps to SOC code 15-1212 and is consistently recognized by USCIS as a specialty occupation requiring at least a bachelor's degree in computer science, information security, or a directly related field. Roles that blend architecture responsibilities with cloud platform engineering or compliance frameworks have a strong precedent for approval, provided the job description reflects degree-level complexity.
Which types of employers sponsor H-1B visas most often for this role?
Financial services firms, cloud platform providers, healthcare technology companies, and defense contractors file the largest volume of H-1B LCAs for cloud security roles. You can verify active sponsors by searching the OFLC Wage Search for certified LCAs under relevant SOC codes. Migrate Mate also surfaces employers with confirmed filing history so you can prioritize your applications accordingly.
How does the prevailing wage requirement affect Cloud Security Architect H-1B petitions?
The employer must pay at least the prevailing wage for the SOC code and work location, as determined by DOL wage levels. Cloud Security Architect roles typically fall at wage level III or IV given their seniority, which means the offered salary must meet a higher floor than junior IT roles. The employer certifies this in the LCA before USCIS ever sees the petition.
What happens to my H-1B status if my employer is acquired or restructures?
If your employer is acquired and you continue in the same role under a successor entity, USCIS generally allows a successor-in-interest argument, meaning a new H-1B petition may not be required immediately. If your role changes materially, an amended petition is required. Cloud Security Architects should request written confirmation from HR about how an acquisition affects their sponsorship status before any transition closes.
Can I switch employers after starting a Cloud Security Architect role on H-1B?
Yes, under H-1B portability rules established by AC21, you can start working for a new employer once they file an H-1B transfer petition on your behalf, as long as your prior H-1B was approved and you've maintained valid status. You don't have to wait for the new petition to be approved before starting. Confirm the new employer has filed and received a receipt notice before your last day with the current employer.