Senior Vice President, Senior Cloud Security Engineer , NY, Posted
Listed on 2026-06-04
-
IT/Tech
Cybersecurity, Systems Engineer
Location: New York
Senior Cloud Security Engineer
At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.
Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary.
We are seeking a Senior Cloud Security Engineer to join our Cloud Security team and lead the implementation of security controls across cloud platforms and cloud‑native services, support Cloud Security Strategy and Governance.
This role combines deep expertise in cloud security engineering with strong knowledge of AI‑driven technologies and their practical application in cyber security.
It is responsible for advancing secure cloud capabilities through technical leadership, posture management, and close partnership with engineering, architecture, Dev Sec Ops , IAM, and cyber teams.
The ideal candidate brings strong hands‑on experience securing cloud workloads across one or more major cloud platforms, understands security control frameworks including NIST SP 800‑53, and can translate cloud security requirements into technical controls and measurable operational outcomes. Also required is solid knowledge of Cloud Security Posture Management (CSPM), including tools such as Wiz and native cloud policy and monitoring services.
This role is in New York, NY or Pittsburgh, PA.
- Be part of a team focused on strengthening enterprise cloud security capabilities across public cloud and cloud‑native environments.
- Contribute to the implementation of secure cloud design patterns, technical standards, and control requirements.
- Partner closely with cloud engineering, Dev Sec Ops , IAM, platform teams, and cyber stakeholders.
- Gain experience across cloud security engineering, automation, posture management, and governance support.
- Help translate cloud security requirements into practical technical controls and repeatable implementation patterns.
- Support cloud security strategy and governance through engineering execution, control adoption, and reporting inputs.
- Lead the engineering, implementation, and continuous improvement of cloud security controls for identity and access management, network security, encryption, key management, secrets management, logging, monitoring, and workload protection in AWS, Azure, or GCP.
- Act as an AI enabler for cloud security by identifying, assessing, and promoting AI use cases that improve security outcomes.
- Support the adoption of AI‑driven capabilities for threat detection, risk analysis, automation, incident response, and security operations.
- Translate security and control requirements into repeatable engineering solutions and implementation standards.
- Support the design and implementation of technical controls aligned to NIST SP 800‑53 and related enterprise security requirements.
- Lead implementation efforts for container, Kubernetes, API, and cloud‑native workload security controls.
- Drive the operational maturity of Cloud Security Posture Management (CSPM) capabilities to identify misconfigurations, policy violations, excessive permissions, exposed assets, and control drift.
- Partner with engineering and cyber teams to optimize Wiz and similar CSPM/CNAPP platforms, including workflow integration, prioritization, remediation support, and reporting.
- Design and strengthen the use of cloud‑native posture and policy services, including AWS Config, AWS Security Hub, AWS Organizations SCPs, Azure Policy, Microsoft Defender for Cloud, GCP Organization Policy, and Security Command Center.
- Define and implement policy‑as‑code, automated guardrails, and infrastructure‑as‑code patterns to improve control consistency and…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).