Cloud Security Manager

Job Description

SUMMARY : We are seeking a talented, passionate Cloud Security Manager to join our team and help lead efforts to secure our cloud-based banking and support applications / infrastructure. As a Cloud Security Engineering Manager, you will be reporting to Chief Enterprise Architect and responsible for helping to develop and drive the Bank's overall cloud security strategy in collaboration with Enterprise Architecture, Cloud Architecture, Data Platform, and Software Engineering teams. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties and special projects may be assigned.

• Design, develop, and deploy modular cloud-first security and support systems
• Develop and enforce cloud security policies, standards, and guidelines to ensure compliance with regulatory and industry requirements, especially NIST, PCI-DSS
• Identify opportunities to reduce cloud security risk for the Bank and lead the team in implementation of said solutions
• Participate in security assessments and audits of our cloud environments and assist towards the identity and remediation of potential security gaps and / or vulnerabilities
• Plan, architect, and implement cloud security tools and technologies, such as firewalls, IDS, identity and access management, logging and monitoring
• Evaluate and develop a framework for SaaS security baselining and standardization (inclusive of IAM considerations, data security, etc.)
• Assist with any security incidents or events in the cloud and collaborate with other teams to resolve issues and mitigate risks
• Research and stay updated on the latest cloud security trends, threats, and best practices and provide recommendations for improvement, especially as they relate to Financial Services
• Educate and train other staff on cloud security awareness and best practices
• Integrate, as appropriate, AWS and other vendor security services and features, to enhance the security posture of our AWS cloud environment
• Apply API security principles and techniques, such as authentication, authorization, encryption, rate limiting, etc., to protect our cloud-based APIs from unauthorized access and abuse
• Use cloud security posture management (CSPM) tools and processes to monitor and remediate misconfigurations and security risks across our cloud environments
• Use cloud access security broker (CASB) or other Internet traffic filtering solutions to enforce security policies and controls for our cloud-based applications and data
• Create, maintain, and present documentation as it relates to cloud security operation's designs / configurations, processes, standards, and recommendations
• Oversee the performance and development of a team of cloud engineers and other Cybersecurity professionals while providing feedback, coaching, and mentoring
• Understand network security policies and introduce and implement security standards and best practices for cloud engineering
• Manage project budgets and schedules and ensure timely and quality delivery of security solutions
• Provide support and guidance to team members and resolve any issues or conflicts
• Collaborate with Network, Enterprise Architecture, Cloud Architecture, Data Platform, IAM, and Software Engineering teams to design, implement, and support an enterprise-class cloud security strategy
• Adheres to and complies with applicable, federal and state laws, regulations and guidance, including those related to anti-money laundering ( Bank Secrecy Act, US PATRIOT Act, etc.).
• Adheres to Bank policies and procedures and completes required training.
• Identifies and reports suspicious activity.

SUPERVISORY RESPONSIBILITIES

EDUCATION Bachelor's degree in cybersecurity, computer science, or related field, or equivalent work experience preferred.

EXPERIENCE

KNOWLEDGE, SKILLS AND ABILITIES

CERTIFICATES, LICENSES, REGISTRATIONS