Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
The Cloud Security Controls Governance Manager is responsible for implementing, managing, and governing security controls across multi-cloud environments, with a specific emphasis on Azure and AWS platforms, to ensure the protection of organizational data and systems. This role requires deep expertise in cloud security, architecture principles, and industry standards. The ideal candidate will work closely with various teams to ensure the security of cloud-based applications, data, and infrastructure, particularly on platforms like AWS and Azure. Will manage a team of 5-7.
Key Responsibilities:
- Manages a team responsible for executing the cloud security reviews for bank managed cloud environments
- Provides oversight of internal and external stakeholder relationships, including Line of Business delegates and regulators, to mitigate and remediate information security risks
- Ensures Information Technology systems meet enterprise standards, adhere to applicable rules, laws, and regulations, and comply with appropriate treatment of risk
- Works with leaders to identify information security policy impacts to front line units
- Develop and implement security controls for cloud infrastructure (IaaS, PaaS, SaaS) based on industry best practices, compliance requirements, and bank security policies.
- Ensure appropriate security measures are in place to protect against threats, vulnerabilities, and breaches in Azure and AWS environments.
- Develop and maintain documentation for cloud security controls, policies, and procedures.
- Monitor and evaluate the effectiveness of existing cloud security controls and recommend enhancements.
- Conduct regular security assessments and audits of cloud environments to identify and mitigate potential security threats and vulnerabilities in cloud environments.
- Participate in internal and external audits to demonstrate compliance with cloud security requirements.
- Provide guidance and training to stakeholders on cloud security best practices and the implementation of security controls.
- Act as a liaison between the security team and other departments to promote a security-first culture.
- Collaborate with DevOps, IT, and business teams to integrate security controls into cloud deployments and CI/CD pipelines.
- Stay current with emerging cloud security trends, technologies, and best practices.
- Continuously improve security controls and processes to enhance the organization's security posture.
Required Skills:
- In-depth understanding of cloud security principles, best practices for Azure and AWS platforms, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks.
- Experience building and implementing Infrastructure as Code and/or Policy as Code governance strategies.
- Experience conducting security assessments, risk analyses, and developing security concepts.
- Hands-on experience with cloud security tools and technologies such as AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and/or Wiz.
- Extensive knowledge of security tools and technologies such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management and how they work in cloud environments. Specifically in network security, including AWS networking primitives, security groups, network access control lists, proxies, firewall and WAF technologies.
- Experience with cloud and containerized technologies, AKS, EKS, ECS, serverless, Kubernetes and Docker
- Extensive knowledge of public cloud service providers and the threats to workloads within those environments
- Currently hold active AWS Security Specialty or Azure AZ-500 certification
Desired Skills:
- Master’s degree in Information Systems or Computer Science and/or equivalent combination of education and work experience within the domain areas of Cloud Security
- Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable.
- Strong communication and interpersonal skills to work effectively with cross-functional teams.
- Ability to manage multiple projects and priorities in a fast-paced environment.
- Bachelor’s degree in Information Systems or Computer Science and/or equivalent combination of education and work experience within the domain areas of Cloud Security
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
Shift:
1st shift (United States of America)Hours Per Week:
40Pay Transparency details
US - CO - Denver - 1144 15th St (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)Pay and benefits informationPay range$160,000.00 - $185,100.00 annualized salary, offers to be determined based on experience, education and skill set.Discretionary incentive eligibleThis role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.BenefitsThis role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.