Jobs · Accounting · Colorado

AWS Cloud Security Assurance Manager

Bank of America · Denver, CO · 2 wk ago
AccountingFull-time

Job Responsibilities

  • Design and execute the Cloud Security Assurance (CSA) strategy for AWS environments in alignment with enterprise security objectives and cloud adoption goals.
  • Integrate CSA activities with cloud governance routines, ensuring consistent governance, transparency, and leadership visibility into cloud risk and control effectiveness.
  • Maintain ongoing visibility into the cloud business roadmap to anticipate emerging risks, influence secure architecture decisions, and align security priorities with business initiatives.
  • Drive cloud security technology requirements and lead technology initiative efforts, including tool selection, implementation, integration, and operational maturity.
  • Provide oversight of vulnerability identification, security posture management, and vulnerability analysis processes across AWS accounts, regions, and services.
  • Establish and govern operational processes for triage, prioritization, escalation, and remediation tracking of high risk cloud findings.
  • Own cloud security posture, vulnerability, and risk metrics, including executive level reporting and audit ready documentation.
  • Lead and develop a team of cloud security specialists, setting clear expectations, performance goals, and development plans.
  • Partner with Cloud Engineering, DevOps, Architecture, GRC, and Risk teams to embed security controls into cloud platforms, standards, and delivery pipelines.
  • Act as a subject matter expert and trusted advisor for cloud security assurance, posture management, and cloud risk governance.

Required Qualifications

  • Deep understanding of AWS native services, architectures, and security controls.
  • Strong knowledge of cloud security posture management, vulnerability management, and workload protection concepts.
  • Experience integrating cloud security assurance with governance, risk, and compliance frameworks.
  • Working knowledge of cloud threat landscapes, attack paths, and risk based prioritization.
  • Experience leading CSPM, CWPP, and related cloud security platforms and tooling.
  • Understanding of DevSecOps practices and integration of security controls into CI/CD pipelines.
  • Ability to translate technical cloud risk into clear business impact for leadership and audit audiences.
  • Proven experience leading and developing technical security teams.
  • Strong analytical, qualitative, and quantitative reasoning skills.
  • Ability to operate independently on complex, high visibility initiatives.
  • Excellent written and verbal communication skills, with the ability to influence across technical and non-technical audiences.

Desired Qualifications

  • CISSP, CISM, CCSP
  • AWS Security Specialty or equivalent cloud security certifications
  • SANS or GIAC cloud and security certifications
  • Experience supporting regulated environments and audit engagements
  • Bachelor’s degree in a technical or security related field

Similar jobs