Senior Cloud Security Engineer
At BNY, our culture allows us to run our company better and enables employees growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the worlds investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.
Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary.
We are seeking a Senior Vice President, Cloud Security Engineer to join our Cloud Security team and lead the implementation of security controls across cloud platforms and cloud-native services, support Cloud Security Strategy and Governance.
This role combines deep expertise in cloud security engineering with strong knowledge of AI-driven technologies and their practical application in cyber security.
It is responsible for advancing secure cloud capabilities through technical leadership, posture management, and close partnership with engineering, architecture, DevSecOps, IAM, and cyber teams.
The ideal candidate brings strong hands-on experience securing cloud workloads across one or more major cloud platforms, understands security control frameworks including NIST SP 800-53, and can translate cloud security requirements into technical controls and measurable operational outcomes. Also required is solid knowledge of Cloud Security Posture Management (CSPM), including tools such as Wiz and native cloud policy and monitoring services. This role is in New York, NY or Pittsburgh, PA
What to expect
In this role, youll make an impact in the following ways
To be successful in this role, were seeking the following
6-10 years of experience in cloud security engineering, security engineering, DevSecOps, infrastructure security, or a related security engineering role.
Strong hands-on experience securing workloads and services in AWS, Azure, or GCP.
Strong knowledge of cloud security principles across IAM, networking, encryption, secrets management, logging, workload protection, resilience, and secure service consumption.
AI enabler for cloud security by identifying, assessing, and promoting AI use cases that improve security outcomes.
Experience with security automation, orchestration, analytics, and AI-driven security tooling.
Experience implementing cloud security controls at scale in enterprise or regulated environments.
Strong familiarity with NIST SP 800-53, MCSB and related control concepts, especially in areas such as: Access Control (AC), Audit and Accountability (AU), Configuration Management (CM), Identification and Authentication (IA), Incident Response (IR), Risk Assessment (RA), System and Communications Protection (SC), System and Information Integrity (SI)
Strong understanding of Cloud Security Posture Management (CSPM) concepts, including continuous compliance monitoring, misconfiguration detection, exposure analysis, and governance workflows.
Experience with CSPM/CNAPP tools such as Wiz, Prisma Cloud, Orca, Lacework, or similar platforms.
Experience with cloud-native policy and posture tools, such as:
AWS Config
AWS Security Hub
AWS Organizations SCPs
Azure Policy
Microsoft Defender for Cloud
GCP Organization Policy
Google Security Command Center
Experience developing or supporting policy-as-code and automated guardrails using tools such as OPA/Rego or equivalent policy frameworks.
Strong experience with Infrastructure as Code and automation using Terraform, CloudFormation, ARM, Bicep, Python, or similar tooling.
Experience with container and Kubernetes security, API security, vulnerability management, and cloud-native control implementation.
Experience supporting or contributing to cloud security strategy, governance processes, standards, exception handling, remediation tracking, and risk reporting.
Strong technical judgment, problem-solving ability, and cross-functional collaboration skills.
Strong written and verbal communication skills, including the ability to explain technical controls in business and risk terms.
Bachelor''s degree in computer science, engineering, cybersecurity, or related discipline, or equivalent practical experience.
Experience in a regulated industry such as financial services.
Familiarity with CIS Benchmarks, CSA CCM, OWASP, or NIST CSF.
Experience supporting remediation workflows tied to cloud security findings.
Exposure to architecture review, risk assessments, or cloud governance processes.
Relevant certifications such as:
AWS Security Specialty
Azure Security Engineer Associate
Google Professional Cloud Security Engineer
CCSP
Lead the implementation and improvement of cloud security controls across supported cloud platforms.
Implement and maintain cloud security controls across supported platforms with Cloud native policies, WIZ rules.
Able to fluently work with KQL, WIZ, Splunk, Azure Policies, bash, Powershell, gcloud, Terraform, Log Analytics, Microsoft Sentinel, Gitlab All development tools fluently in an enterprise setting.
Implement and mature cloud controls aligned to NIST SP 800-53 and enterprise requirements.
Strengthen technical traceability, evidence support, and control consistency.
Identify, prioritize, and help remediate control gaps across cloud environments.
Work with platform, DevOps, architecture, and application teams to embed security into engineering workflows.
Promote adoption of automated controls, secure design patterns, and policy enforcement.
Provide senior-level technical guidance that improves secure cloud adoption at scale.
Preferred qualifications Core responsibilities by domain Cloud security engineering Security controls and framework alignment Engineering partnership Risk and governance
Cloud security strategy and governance
Cloud security posture management
AI Enablement for Cloud Security
What success looks like:
At BNY, our culture speaks for itself, check out the latest BNY news at:
BNY Newsroom
BNY LinkedIn
Heres a few of our recent awards:
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your lifes journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
BNY assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $83,000 and $209,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs.
This position is at-will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors.