VP , P4, Lead Cloud & Infra Eng : Job Level - Vice President
About The Position
We are seeking an experienced Senior Cloud Security Engineer to join our growing security engineering team. In this role, you will be responsible for designing, building, and maintaining secure cloud infrastructure while partnering closely with IT Platform teams to integrate security controls across the enterprise. You will play a critical role in shaping our cloud security posture within a highly regulated financial services environment. In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Cloud & Infrastructure Engineering position at VP, which is part of the job family responsible for managing and optimizing technical infrastructure and ensuring the seamless operation of IT systems to support business needs effectively. Since 1935, Morgan Stanley is known as a global leader in financial services, continuously evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.
Requirements
- 5-10 years of experience in information security, with a strong focus on cloud security engineering
- Hands-on experience securing cloud environments (Azure preferred given the financial sector context; AWS/GCP a plus)
- Proficiency with Terraform for infrastructure-as-code and security automation
- Experience with Wiz or similar CSPM/CNAPP platforms (e.g., Prisma Cloud, Orca)
- Familiarity with CI/CD pipelines using GitHub Actions and/or Azure DevOps
- Working knowledge of NIST CSF and CISA cybersecurity frameworks and their application in regulated environments
- Strong understanding of cloud-native security concepts: IAM, network segmentation, secrets management, encryption, and logging/monitoring
Nice To Haves
- Experience working in financial services or other highly regulated industries (SOX, PCI-DSS, or similar compliance exposure)
- Familiarity with Zero Trust architecture principles
- Experience with SIEM platforms, EDR tooling, and cloud-native security services
- Background in DevSecOps practices and shifting security left in the development lifecycle
- Exposure to container security (Kubernetes, Docker) and serverless security patterns
Responsibilities
- Design and implement cloud security architecture, controls, and guardrails across enterprise cloud environments (Azure, AWS, and/or GCP)
- Build and maintain security infrastructure-as-code using Terraform, ensuring repeatable and auditable deployments
- Integrate security tooling and workflows with IT Platform partners via Azure DevOps (AZDO) and GitHub pipelines
- Manage and optimize cloud security posture using Wiz, including vulnerability management, misconfiguration detection, and risk prioritization
- Develop and enforce security policies aligned with NIST Cybersecurity Framework and CISA guidelines
- Collaborate cross-functionally with platform engineering, DevOps, and compliance teams to embed security into the SDLC
- Lead threat modeling, security reviews, and risk assessments for cloud-based systems and services
- Monitor, detect, and respond to cloud security incidents and emerging threats
- Mentor junior engineers and contribute to security standards documentation and runbooks
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
