Bank Of America Senior Cloud Security Engineering Manager 

United States, District of Columbia, Washington 

232705532

Job Description:

Job Description:

This position is critical to shaping the organization’s cloud security roadmap. You will drive architectural refactoring, implement cloud-native security frameworks, and ensure compliance with industry standards and regulatory requirements. Your leadership will enable secure innovation and operational resilience at scale.

Strategic Leadership
• Define and execute the enterprise cloud security strategy, aligning with business objectives and regulatory mandates.
• Lead security architecture modernization, including refactoring legacy systems for resilience and compliance.
• Champion cloud security best practices and integrate advanced security solutions across AWS, Azure, and GCP.

Technical Oversight
• Architect and oversee multi-cloud security deployments using Infrastructure-as-Code (IaC) and Policy-as-Code (PaC).
• Implement and optimize Cloud Security Posture Management (CSPM), CNAPP platforms (e.g., Wiz), and other advanced security tools.
• Design and enforce secure CI/CD pipelines, automated testing, and deployment practices.
• Establish security governance models, including identity and access management, workload protection, and compliance monitoring.

Governance & Risk Management
• Ensure alignment with CIS, NIST, ISO 27001, and other regulatory frameworks.
• Partner with internal and external stakeholders to manage security incidents, threat intelligence, and risk mitigation strategies.

Team Development & Mentorship
• Build and mentor a high-performing cloud security engineering team.
• Foster a culture of innovation, accountability, and continuous improvement.

Required Skills
•10+ years in cloud security engineering, with 5+ years in leadership roles within large-scale enterprises.
• Proven experience in multi-cloud security architecture (AWS, Azure, GCP) and cloud-native security services.
• Expertise in architectural refactoring, workload migration, and security governance models.
• Strong knowledge of CSPM, SSPM, CIEM, CWPP solutions and CNAPP platforms (e.g., Wiz).
• Familiarity with Cloud Security Alliance, CIS benchmarks, and SANS standards.

Preferred Skills
• Hands-on experience with container security (Docker, Kubernetes) and orchestration platforms.
• Proficiency in Python, PowerShell, Bash for automation and UAT testing.
• Experience with financial industry compliance and regulatory frameworks.
• Strong communication skills to influence executive leadership and articulate technical strategies to non-technical audiences.

Skills:

• Influence

• Risk Management

• Solution Design

• Stakeholder Management

• Technical Strategy Development

• Analytical Thinking

• Application Development

• Collaboration

• Result Orientation

• Solution Delivery Process

• Agile Practices

• Architecture

• Automation

• Data Management

• DevOps Practices