Head of Cloud Security Tooling

About The Position

Requirements

• Bachelor’s degree and ten to twelve years of experience in systems engineering or an equivalent combination of education and work experience
• Strong functional and technical knowledge of information/cyber security capabilities with deep expertise in one or more of the following areas: Encryption, Data Security, Application Security, End Point Security, Identity and Access Management, Windows/Unix/Linux Systems Security, Mainframe Security, Perimeter Security, Network Security, Mobility Security, Cloud Security, Cyber Security, Cryptography, or Authentication Systems
• Strong understanding of service lifecycle management, strategic planning, and the cyber security landscape

Nice To Haves

• 10+ years in cybersecurity architecture, engineering, or operations.
• Deep knowledge of cloud security tool categories and enterprise deployment models.
• Strong vendor management and contract negotiation skills.
• Expertise in cloud-native architectures, containers, serverless, and DevSecOps tooling.
• Familiarity with MCP/Agentic AI integration models.
• Experience building unified control planes for cloud security tools.
• Financial industry or highly regulated sector experience.

Responsibilities

• Tooling Strategy & Governance
• Own and govern the Cloud Security Tooling Strategy, ensuring coverage across IaaS, PaaS, SaaS, containers, and serverless.
• Define multi-year roadmap for CNAPP, CSPM, CIEM, SSPM, SAST/SCA/DAST, SIEM, secrets management, and cloud identity tooling.
• Rationalize and consolidate overlapping tools; define standards and guardrails.
• Evaluate emerging technologies such as eBPF runtime sensors, LLM-powered detection, and AI-driven risk engines.
• Platform Integration & Engineering
• Drive integration of tools into core platforms: AWS/Azure native services GitLab/Terraform pipelines CrowdStrike, Zscaler, Palo Alto ServiceNow VR/IRM Splunk SIEM/TI
• Ensure strong telemetry collection, unified APIs, and microservices for automated decisioning and MCP agent orchestration.
• Operational Management
• Oversee licensing, procurement, budgeting, and vendor relationships.
• Ensure enterprise-wide adoption of tools with standard operating procedures and documentation.
• Enable SOC, Cloud Security Operations, AppSec, and IAM teams with the right tools to detect, prevent, and respond to cloud threats.
• Compliance & Assurance
• Align tooling coverage with NIST 800-53 Rev5, FedRAMP High, SOX, PCI, and internal policies.
• Ensure tools provide evidence for controls such as: AC-, AU-, SC-, CM-, SI- families SSPM and identity governance Continuous monitoring requirements for regulators

Benefits

• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.