Information Technology - Cloud Security Engineer

POSITION PURPOSE

The Cloud Security Engineer will be responsible for assisting in the implementation of an overall strategy and execution of an enterprise-wide, cost-effective information security / compliance program and technology to ensure that all information assets are adequately protected and required compliance is attained. This role will work in partnership with the Director of Cloud and Infrastructure Systems, business partners and external partners to advance the information security and compliance needs of the company. Responsibilities will include identifying, evaluating, reporting on, and mitigating information security risks in a manner that meets internal, Verizon and external compliance and regulatory requirements. The Cloud Security Engineer is responsible for designing, implementing, and maintaining robust security measures for AI and machine learning (ML) systems. This role ensures the confidentiality, integrity, and availability of AI models, data, and infrastructure, while also addressing emerging threats unique to AI technologies.

ESSENTIAL DUTIES

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Communicate and institutionalize security / compliance related policies and standards.
• Drive security / compliance training and awareness across the organization.
• Work directly with external partners to implement technology, process and controls to ensure PCI compliance.
• Manage and provide oversight of PCI compliance for TCC Legacy, TCC Dealers, and WZ franchises. This includes ensuring annual compliance activities such as audit / testing, gap remediation, QSA coordination and negotiation to maintain compliance.
• Support various operating systems by assisting with system updates, security patches, overall system security and configuration.
• Oversee a comprehensive Patch and Vulnerability management program.
• Oversee 3rd party SOC services.
• Ensure 3rd party Cloud products and services meet TCC Security and PCI requirements.
• Implement and support security / compliance tools such as AV, CMS, Barracuda, Tenable, etc.
• Preform audits on critical systems to ensure security controls are in place and being followed.
• Proactively monitor the network to identify security risks and vulnerabilities
• Manage and oversee the lifecycle of system accounts
• Perform information security assessments / audits of existing controls and processes.
• Gather documentation / technical information in support of audits and drive remediation efforts.
• Provide consultative advice to internal technical and development teams that enable them to make informed risk management decisions.
• Maintain strong working relationships with individuals and groups involved in managing information security risks across the organization.
• Participate in moderate to highly complex projects as they pertain to the organization's long-term information security strategy.
• Validate new or upgraded hardware, software and new technologies to meet security and compliance requirements.
• Interpret business requirements and functional specifications to recommend security requirements
• Act as a Subject Matter Expert in the discovery and investigation of critical security vulnerabilities as required.
• Manage all Incident Response activities based on plan and triage security related alerts and anomalies
• Support Incident Response activities, including, but not limited to managing response tasks and updating the Incident Management Tracking by providing timely and accurate status updates.
• Work with partners in conducting Vulnerability Scans and Penetration testing and drive remediation of identified gaps.
• Take a lead role in conducting security research on threats and remediation techniques / technology, make recommendations to the IT teams and oversee implementation.
• Serve as a Compliance and Security Controls SME on internal / external requests for security specific information.
• Maintain dashboards and collect metrics and reports on vulnerability findings and remediation compliance
• Develop and implement security controls for AI / ML systems, including model deployment pipelines and data storage.
• Conduct AI-specific threat modeling, risk assessments, and adversarial testing to identify and mitigate vulnerabilities in AI models and data pipelines.
• Monitor AI systems for security anomalies, model drift, and adversarial attacks.
• Design and enforce protocols for training data protection, privacy, and compliance with AI security standards.
• Collaborate with data scientists, developers, and IT teams to integrate security into AI product development from inception through deployment.
• Research and respond to emerging AI-specific threats, such as model poisoning, data manipulation, and adversarial inputs.
• Implement secure MLOps practices and CI / CD pipelines for AI model updates.
• Ensure compliance with internal AI usage policies, data privacy regulations, and industry standards (e.g., NIST, ISO 27001, PCI, SOX).
• Lead incident response activities for AI-related security events and participate in vulnerability management and remediation efforts.
• Maintain documentation and metrics on AI security posture, findings, and remediation actions.
• Performs other duties as assigned.

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES

The requirements listed below are representative of the knowledge, skill, and / or ability necessary to perform this job.

EDUCATION and / or EXPERIENCE

PHYSICAL DEMANDS

WORK ENVIRONMENT

TRAVEL REQUIREMENTS

KPI :

#cloudsecurity #itsecurity #jobsinit #nowhiringinit #infomrationtechnologyjobs