×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Cloud Computing: Infrastructure & Operations IT Consultant

Cloud Security Design and Controls Lead

Job in Denver, Denver County, Colorado, 80285, USA
Listing for: Bank of America
Full Time position
Listed on 2026-06-17
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Cloud Computing: Infrastructure & Operations, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Information Security Senior Specialist

The Information Security Senior Specialist will be a key functional member of the Cloud Security Team within the Global Information Security (GIS) and Business Information Security Officer (BISO) organizations. The role is responsible for implementing, managing, and governing security controls across multi-cloud environments, with a specific emphasis on Azure, AWS, and Google platforms, to ensure the protection of organizational data and systems.

This role requires deep expertise in cloud security, architecture principles, and industry standards.

Key Responsibilities
  • Integrate security policies into CI/CD pipelines to enforce compliance during development and deployment.
  • Develop custom modules, scripts, or extensions to adapt off‑the‑shelf security tools to organizational requirements.
  • Act as a bridge between security and Dev Ops teams, ensuring policy alignment with operational workflows.
  • Conduct regular security assessments and audits of cloud environments to identify and mitigate risks.
  • Conduct risk assessments to identify potential security threats and vulnerabilities in cloud environments.
  • Create evidence packages that demonstrate the deployment and effectiveness of security policies to non-technical audiences, audit and governance teams.
  • Participate in internal and external audits to demonstrate compliance with cloud security requirements.
  • Lead the design and implementation of secure cloud architectures and solutions, ensuring alignment with business objectives and security requirements.
  • Maintain and update risk registers and ensure continuous monitoring of cloud security risks.
  • Act as a liaison between the security team and other departments to promote a security‑first culture.
  • Define and implement security controls and policies for cloud environments, ensuring compliance with industry standards (ISO 27001, NIST, GDPR, HIPAA) and bank security policies; continuously improve controls and processes.
  • Develop and maintain documentation for security controls, policies, and procedures.
  • Implement Policy as Code (PaC) using tools such as Hashi Corp Sentinel, Open Policy Agent (OPA), and Terraform.
Required Skills
  • Minimum of 5 years of professional experience designing and implementing cloud security controls.
  • Bachelor's degree in Information Systems or Computer Science, and/or equivalent combination of education and work experience within the domain areas of Cloud Security.
  • In-depth understanding of cloud security principles, best practices for Azure and/or AWS platforms, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks.
  • Experience building and implementing Infrastructure as Code and/or Policy as Code governance strategies.
  • Experience conducting security assessments, risk analyses, and developing security concepts.
  • Hands‑on experience with cloud security tools and technologies such as AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and/or Wiz.
  • Extensive knowledge of security tools and technologies such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management in cloud environments, including AWS networking primitives, security groups, network access control lists, proxies, firewall and WAF technologies.
  • Experience with cloud and containerized technologies, AKS, EKS, ECS, serverless, Kubernetes and Docker.
  • Extensive knowledge of public cloud service providers and the threats to workloads within those environments.
  • Active AWS Security Specialty or Azure AZ‑500 certification.
Desired Qualifications
  • Master's degree in Information Systems or Computer Science, and/or equivalent combination of education and work experience within the domain areas of Cloud Security.
  • Relevant industry certifications such as ISC² and SANS GIAC are highly desirable.
  • Strong communication and interpersonal skills to work effectively with cross‑functional teams.
  • Ability to manage multiple projects and priorities in a fast‑paced environment.
Additional Skills
  • Customer and Client Focus
  • Interpret Relevant Laws, Rules, and Regulations
  • Policies, Procedures, and Guidelines
  • Problem Solving
  • Quality Assurance
  • Business Process Analysis
  • Data Privacy and Protection
  • Innovativ…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search