Application Deadline:
04/29/2025Address:
320 S Canal StreetJob Family Group:
TechnologyWe are seeking a highly skilled Cloud Security Engineer with CSPM (Cloud Security Posture Management) expertise to strengthen our cloud security posture across multi-cloud environments. This role will be responsible for designing, implementing, and optimizing CSPM solutions to ensure continuous compliance, risk mitigation, and proactive threat management. The ideal candidate will work closely with cross-functional teams to integrate security best practices into cloud environments, ensuring scalability and resilience.
CSPM Implementation & Optimization:
Lead the deployment, configuration, and management of CSPM tools (e.g., Prisma Cloud, Wiz, Orca, Lacework) to monitor cloud environments for misconfigurations and compliance risks.
Develop and maintain CSPM policies aligned with industry standards such as NIST, CIS, and ISO 27001.
Continuously refine rules and alerts to reduce noise and prioritize critical vulnerabilities.
Cloud Security Posture Management:
Conduct in-depth assessments of cloud configurations (AWS, Azure, GCP) to identify and remediate security risks.
Collaborate with DevOps and Cloud Engineering teams to implement automated remediation workflows using Infrastructure as Code (IaC) and CI/CD pipelines.
Provide subject matter expertise on cloud security architecture, including identity and access management (IAM), data protection, and workload security.
Risk & Compliance Management:
Ensure cloud environments adhere to regulatory and compliance & Cyber frameworks.
Work with compliance teams to support audits and provide evidence of cloud security controls.
Develop dashboards and reports for leadership to measure cloud security effectiveness and trends.
Threat Detection & Incident Response:
Leverage CSPM insights to identify emerging threats and vulnerabilities in cloud environments.
Collaborate with SOC teams to enhance cloud threat detection and incident response capabilities.
Implement automated guardrails to prevent security drift and enforce least privilege principles.
Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or related field (Master’s preferred).
5+ years of experience in cloud security engineering with a focus on CSPM solutions.
Expertise in cloud platforms (AWS, Azure, GCP) with certifications such as AWS Certified Security Specialty, Azure Security Engineer Associate, or Google Cloud Security Engineer.
Proficiency in CSPM tools such as Prisma Cloud, Wiz, Orca, Check Point CloudGuard, or similar.
Hands-on experience with security automation using Terraform, CloudFormation, Python, or Bash.
Strong understanding of cloud security frameworks and standards (CIS, NIST, CSA, MITRE ATT&CK).
Experience with cloud-native security controls (IAM, KMS, VPC security, encryption, logging, and monitoring).
Excellent communication and collaboration skills with the ability to influence stakeholders.
Preferred Skills:
Experience working in highly regulated environments (finance, healthcare, etc.).
Knowledge of security information and event management (SIEM) integration with CSPM tools.
Prior experience in DevSecOps, automation, and orchestration.
Salary:
$87,000.00 - $161,400.00Pay Type:
SalariedThe above represents BMO Financial Group’s pay range and type.
Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role, and may include a commission structure. Salaries for part-time roles will be pro-rated based on number of hours regularly worked. For commission roles, the salary listed above represents BMO Financial Group’s expected target for the first year in this position.
BMO Financial Group’s total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. To view more details of our benefits, please visit: https://jobs.bmo.com/global/en/Total-Rewards
About Us
At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.
As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.
To find out more visit us at http://jobs.bmo.com/us/en
BMO is proud to be an equal employment opportunity employer. We evaluate applicants without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other legally protected characteristics. We also consider applicants with criminal histories, consistent with applicable federal, state and local law.
BMO is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to BMOCareers.Support@bmo.com and let us know the nature of your request and your contact information.
Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.