Cloud Security & Automation Engineer - VP

BNY Mellon - Pittsburgh, PA

posted 13 days ago

Full-time - Mid Level
Pittsburgh, PA
10,001+ employees
Credit Intermediation and Related Activities

About the position

The Cloud Security & Automation Engineer - VP role at BNY Mellon is focused on delivering a transformative cloud security program aligned with the company's overall cloud strategy. This position involves collaboration with various stakeholders to enhance cloud security and automation, ensuring compliance with industry best practices and regulatory requirements. The role offers opportunities for specialization in cyber disciplines and aims to influence the bank's cloud security strategy.

Responsibilities

  • Design, implement, and maintain secure cloud environments in accordance with industry best practices and regulatory requirements.
  • Optimize cloud security controls and capabilities to ensure compliance with relevant regulations and organizational policies.
  • Integrate security tools and practices into the CI/CD pipeline, ensuring security is embedded in all stages of the software development lifecycle.
  • Partner closely with cloud architecture, engineering, and development teams to refine automation capabilities for cloud service design patterns.
  • Implement monitoring and logging solutions to detect and respond to security threats and incidents in real-time.
  • Provide security domain expertise on protective controls, including system, network, encryption, and authentication services.
  • Collaborate with stakeholders to define security requirements and provide guidance on secure development practices.
  • Develop and maintain documentation related to security policies, procedures, and best practices.
  • Provide training and support to development and operations teams on security-related topics and tools.

Requirements

  • Bachelor's or Graduate degree in engineering, computer science or a related discipline or equivalent work experience required.
  • 8+ years of experience in information security or related technology experience required, with experience in the securities or financial services industry being a plus.
  • 3-4 years of larger scale application scripting/development experience combined with 2-3 years of direct experience working with and securing cloud native workloads in one or more of the three major cloud service providers (Microsoft Azure, Google Cloud Platform, and AWS).
  • Expertise in cloud-native container and container orchestration security (e.g., Azure Kubernetes Service).
  • Experience developing Infrastructure-as-code/Policy-as-code components and automation using languages and tools like Python, Terraform, ARM/BICEP.
  • Experience in implementing security controls in CI/CD pipelines and third-party security tools.
  • Experience in API Security and implementation of appropriate security controls.
  • Experience with software architectures and development/scripting experience in at least one programming language.
  • Experience with cyber security related processes and tooling (e.g., Vulnerability management, IAM).
  • Familiarity with adopting cloud security frameworks and best practices (e.g., NIST, CIS, CSA CCM, and OWASP).

Benefits

  • Highly competitive compensation
  • Generous paid leaves including paid volunteer time
  • Access to flexible global resources and tools for personal and professional development
  • Wellbeing programs focused on health and personal resilience

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service