Senior Cloud Security Engineering Manager

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

This position is critical to shaping the organization's cloud security roadmap. You will drive architectural refactoring, implement cloud-native security frameworks, and ensure compliance with industry standards and regulatory requirements. Your leadership will enable secure innovation and operational resilience at scale.

• Define and execute the enterprise cloud security strategy, aligning with business objectives and regulatory mandates.
• Lead security architecture modernization, including refactoring legacy systems for resilience and compliance.
• Champion cloud security best practices and integrate advanced security solutions across AWS, Azure, and GCP.

• Architect and oversee multi-cloud security deployments using Infrastructure-as-Code (IaC) and Policy-as-Code (PaC).
• Implement and optimize Cloud Security Posture Management (CSPM), CNAPP platforms (e.g., Wiz), and other advanced security tools.
• Design and enforce secure CI/CD pipelines, automated testing, and deployment practices.
• Establish security governance models, including identity and access management, workload protection, and compliance monitoring.

• Ensure alignment with CIS, NIST, ISO 27001, and other regulatory frameworks.
• Partner with internal and external stakeholders to manage security incidents, threat intelligence, and risk mitigation strategies.

• Build and mentor a high‑performing cloud security engineering team.
• Foster a culture of innovation, accountability, and continuous improvement.

10+ years in cloud security engineering, with 5+ years in leadership roles within large‑scale enterprises.

• Proven experience in multi‑cloud security architecture (AWS, Azure, GCP) and cloud‑native security services.
• Expertise in architectural refactoring, workload migration, and security governance models.
• Strong knowledge of CSPM, SSPM, CIEM, CWPP solutions and CNAPP platforms (e.g., Wiz).
• Familiarity with Cloud Security Alliance, CIS benchmarks, and SANS standards.

• Hands‑on experience with container security (Docker, Kubernetes) and orchestration platforms.
• Proficiency in Python, Power Shell, Bash for automation and UAT testing.
• Experience with financial industry compliance and regulatory frameworks.
• Strong communication skills to influence executive leadership and articulate technical strategies to non‑technical audiences.

• Influence
• Risk Management
• Solution Design
• Stakeholder Management
• Technical Strategy Development
• Analytical Thinking
• Application Development
• Collaboration
• Result Orientation
• Solution Delivery Process
• Agile Practices
• Architecture
• Automation
• Data Management
• Dev Ops Practices

1st shift (United States of America)

40

$ - $ annualized salary, offers to be determined based on experience, education and skill set.

This role is currently benefits eligible. We provide industry‑leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.