Job Description:
The Cloud Security Engineering Lead in Global Information Security will be responsible for defining, implementing, and overseeing our cloud security engineering strategy. You will be part of a team of highly skilled engineers and collaborate closely with cross-functional teams to ensure the security and compliance of our cloud-based systems and services. This role requires a combination of technical expertise, strategic thinking, and leadership to drive innovation and ensure the highest level of security for our cloud-based infrastructure and services.
- Engineering Leadership: Provide strategic leadership as a part of a team of cloud security engineers, fostering innovation and a culture of excellence
- Security Architecture: Develop and implement robust security architecture for cloud environments, ensuring the protection of data, applications, and systems
- Security Operations: Oversee day-to-day security operations in the cloud, including threat detection, incident response, and vulnerability management
- Secure DevOps: Collaborate with DevOps teams to integrate security into the software development and deployment lifecycle
- Compliance: Ensure compliance with industry standards (e.g. NIST, ISO 27001) and regulatory requirements related to cloud security
- Risk assessment: Conduct risk assessments and vulnerability assessments to identify and mitigate security risks in cloud environments
- Security Tooling: Evaluate and implement security tools and technologies to enhance cloud security capabilities
- Incident Response: Lead the response to security incidents and breaches in cloud systems, coordinating with relevant teams.
- Training and Development: Provide training and professional development opportunities to security engineering team members.
Required Skills
- 8+ years of professional experience including extensive experience in cloud security engineering and a minimum of 5 years in leadership roles
- Strong knowledge of cloud platform (e.g. AWS, Azure, GCP) and cloud security best practices
- Ability to bring multiple stakeholders together, including senior business leaders, operations, risk, finance, regulatory, and cut to the heart of issues to reach consensus & decisions
- Experience with security technologies, including IDS/IPS, firewalls, SIEM, and SOAR solutions
- Familiarity with DevSecOps principles and practices
- Excellent leadership, communication, team-building skills, strong analytical and problem-solving abilities.
- Bias for action and a commitment to build partnerships in a dynamic risk & threat driven environment
- Possesses a solid understanding of the technologies underlying our platforms and the confidence to engage in technical discussions across the organization
Desired Skills
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field
- Strong cyber thought leader and strategist who can influence at very senior levels of the organization
- Inspires teams across Global Information Security, Global Technology, and control partners to deliver together
- Strong interpersonal skills; ability to make effective presentations and communicate technical concepts to non-technical parties
- Exhibits executive leadership behaviors when addressing organizational conflict and removing roadblocks to effective delivery
- Strong relationship management skills to navigate the complexities of gaining buy-in and building consensus
- Excellent communication, influencing and facilitation skills with deep intellectual curiosity and innovative thinker
- Demonstrate neutral objectivity and seek the best outcome for the business. Enterprise mindset; considers E2E process impact when evaluating opportunities/challenges
- Maximizes organizational capability with a demonstrated commitment to valuing diversity
Enterprise Role Overview:
Senior contributor, with accountability for researching, designing, and engineering information security (authentication, perimeter security, security & compliance tools, etc) & directory technology systems (software & hardware) and security policies / procedures. Utilizes in-depth technical / project knowledge and business requirements to design secure solutions to meet customer / client needs while protecting the Bank's assets. Serves as organization spokesperson on specialized projects. Acts as a prime consultant on large projects that affect the organizations long-term goals and objectives. Exercises independent judgment in methods, techniques, and evaluation criteria for obtaining results. Provides direction and guidance to others in the group. Works under minimal supervision, with general guidance from Technical or Senior Technical Manager. Typically 7-10 years of IT experience.
Shift:
1st shift (United States of America)
Hours Per Week:
40