Director, Cloud Security Architecture & Engineering

About The Position

Requirements

• Bachelor's degree in computer science, information systems, or information technology, or equivalent work experience.
• Minimum 12 years of IT Security experience, with 5 years focused on AWS architecture
• AWS Solutions Architect – Associate Certification
• AWS Security Specialty
• CISSP Certification
• Deep expertise in AWS-native and third-party security tools
• Strong understanding of cloud governance, infrastructure as code (IaC), encryption, networking, and identity management.
• Strone experience with Snowflake and S/4HANA
• Hands-on scripting and automation (Python, Terraform)
• Strong experience with Splunk
• Experience with multi-cloud environments (AWS, Azure, M635)
• Strong writing and communication skills across technical and executive audiences
• Experience with leading and team management
• Ability to multi-task, work independently and/or within a team, pay attention to detail and meet deadlines.
• Utilize sound judgement, business acumen and problem-solving skills and ability to work in fast-paced, high-volume, team environment.
• Ability to work nights, weekends and holidays

Nice To Haves

• AWS Solutions Architect – Professional Certification
• CCSP Certification
• Master’s degree

Responsibilities

• Cloud Security Architecture and Engineering Own and evolve the enterprise cloud security architecture across AWS, SaaS platforms, hybrid infrastructure, applications, networking, and operational technologies, ensuring alignment with business strategy and risk tolerance. Define and implement AWS-native security architectures including identity, encryption, network segmentation, logging, detection, and governance capabilities, to enable secure and scalable cloud adoption. Support the re-architecture and migration of Azure workloads to AWS, ensuring security-by-design principles are embedded throughout the migration lifecycle. Design, implement and enforce Zero Trust security models to ensure protection of cloud and hybrid environments.
• Integration & Engineering Collaboration Integrate AWS with enterprise security platforms such as Zscaler, Splunk, and BeyondTrust to enable centralized visibility, control and response. Collaborate with DevOps and cloud infrastructure teams to embed security into DevOps pipelines, leveraging automation for vulnerability management, code scanning, configuration validation and continuous compliance. Support the establishment and oversee cloud identity and access management (IAM) strategies, including federation, least privilege, just in time access, identity governance, and Zero Trust principles. Integrate with multiple IdPs including Entra ID and SAP IAS.
• Governance, Risk and Compliance (GRC) Establish tailored governance, risk, and compliance (GRC) frameworks for cloud adoption, including policy-as-code and automated compliance monitoring aligned to industry standards and regulatory requirements. Develop templates, accelerators, and reusable security artifacts that improve delivery speed, consistency, and compliance across cloud initiatives for BBG. Monitor emerging cloud services, regulatory changes, and threat trends to proactively assess risk and advise leadership on security posture and mitigation strategies.
• Leadership, Delivery & Response Lead and develop cloud security architecture and engineering teams, setting technical direction, delivery priorities, and performance expectations. Provide architectural oversight and subject matter expertise for enterprise and cross-functional initiatives, ensuring security outcomes are consistently achieved. Own and evolve the cloud security tools, platforms, and services portfolio to maximize effectiveness and return on investment. Oversee cloud incident response and forensics capabilities, leveraging native cloud telemetry and SIEM integrations to enable rapid detection, investigation, and recovery. Deliver thought leadership through executive briefings, architecture reviews, and security workshops, influencing stakeholders and driving secure cloud transformation.
• Other duties, as assigned by the jobholder’s supervisor, may also be required.

Benefits

• This position is eligible to participate in a bonus program.
• This position is eligible for health care benefits, life insurance, time off benefits and participation in the Company’s 401(k) plan