Lead, Attack Surface Management

Job Classification:

Technology - Information Security Lead the Cloud Database vulnerability and compliance security strategy, including the design and implementation of attack surface reduction and security configurations across all our enterprise cloud environments.

This key role will be responsible for ensuring the confidentiality, integrity, and availability of data stored in cloud databases across multiple platforms, as well as leading a team of security professionals and collaborating with cross-functional stakeholders.

*
* Key Responsibilities:

*
* • Develop and execute a comprehensive cloud database security strategy aligned with organizational goals and compliance requirements.  
• Lead the design and implementation of security controls for cloud-based databases. Develop and maintain cloud database security policies, procedures, and best practices in alignment with industry standards and regulatory requirements and compliance.  
• Formalize the security requirements to evaluate, procure and operationalize a Cloud DB solution to support threat detection, vulnerabilities and configuration compliance  
• Oversee the identification, assessment, and mitigation of security risks related to cloud data storage and access.  
• Implement and manage monitoring, detection, and response processes for potential threats and vulnerabilities impacting cloud databases.  
• Collaborate with Dev Ops, IT, and application teams to ensure secure cloud database deployments and configurations.  
• Ensure compliance with relevant standards and regulations (e.g., GDPR, HIPAA, PCI DSS, SOC 2, SOX, ISO 27001, and others as required).  
• Conduct regular vulnerability and configuration risk assessments on cloud database systems to assess effectiveness and support hardening efforts.  
• Track, prioritize, and orchestrate remediation activities for any vulnerability and compliance issues identified in the platform, ensuring timely remediation.  
• Implement policies for continuous monitoring and preventive controls.  
• Maintain documentation and artifacts for compliance reporting and certifications.  
• Collaborate with external partners, vendors, and auditors to ensure compliance with security standards and regulations.  
• Responsible for continuous monitoring of cloud database attack surface and ensuring remediation governance via escalation to business and risk advisors.

• Support managers and Prudential leadership on new initiatives and opportunities to grow our security practices.

• Ensures proper communication of the program’s results, opportunities, and deficiencies, as needed.

• Responsible for review and approval of remediation deferment requests, escalation where appropriate    
*
* Qualifications:

*
* • 5+ years of experience in information security, with at least 3 years focused on cloud database security.  
• Experience with Vulnerability management lifecycle best practices and tools used for compliance and vulnerability cloud monitoring (Wiz, Guardium, Cloud Native – AWS, Azure)

Experience with standard frameworks, such as MITRE ATT&CK, CIS and NIST.

• Deep understanding of cloud platforms (AWS, Azure, GCP) and their database services.  
• Experience with database security tools, encryption, access controls, and key management.  
• Strong knowledge of regulatory and compliance frameworks relevant to data protection.  
• Demonstrated leadership and team management skills.  
• Excellent communication and stakeholder management abilities#
*
* What we offer you:

**# Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $ to $. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills.
* ** Market competitive base salaries, with a yearly bonus potential at every level.**
* ** Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave.
*** 401(k) plan with company match (up to 4%).
* Company-funded pension plan.
* ** Wellness Programs
** including up…