Jobs · Information Technology · Massachusetts

Senior Director, Cloud Security & AI Security

Berkshire Hathaway Specialty Insurance · Boston, MA · 2 wk ago
Information Technology$150k–$220k/yrFull-time

Duties & Responsibilities

  • Develop and maintain the organization’s cloud security and AI security strategy, standards, and policies across IaaS, PaaS, and SaaS environments.
  • Define and enforce cloud architecture security principles aligned with Zero Trust.
  • Identify and enforce AI security controls and configurations aligned with our cloud architecture.
  • Lead cloud and AI risk assessments, gap analysis, and initiative planning.
  • Guide migration and modernization efforts to ensure secure-by-design implementations.
  • Oversee the configuration, monitoring, and continuous improvement of: CSPM, CWPP/CNAPP, SIEM/SOAR integrations for cloud telemetry, Identity threat detection (ITDR).
  • Ensure continuous monitoring for misconfigurations, vulnerabilities, and anomalies.
  • Support cloud & AI IAM frameworks (least privilege, conditional access, workload identities).
  • Drive cloud-related adoption of encryption, secrets management, and key management (BYOK/CMK).
  • Ensure efficacy of data classification and DLP controls across cloud environments.
  • Embed security controls and testing into CI/CD pipelines in collaboration with AppSec.
  • Oversee IaC scanning and container security while supporting SAST/DAST and supply chain security.
  • Collaborate with engineering to remediate findings and architect secure workloads.
  • Ensure cloud environments meet regulatory and compliance requirements.
  • Own cloud security and AI security audits and evidence collection.
  • Mature asset inventories, risk registers, and control documentation.
  • Build and mentor a team of cloud security & AI security engineers/analysts.
  • Provide regular reporting to security leadership and executives.
  • Partner across technology, infrastructure, DevOps, and architecture.

Qualifications, Skills And Experience

  • 5–10+ years of experience in cybersecurity, with a focus on cloud security.
  • Hands-on experience with AWS, Azure, or GCP security services.
  • Strong knowledge of: Cloud IAM and identity governance, Network security (VPCs/VNets, firewalls, segmentation), Cloud-native monitoring, threat detection, and logging, Infrastructure-as-Code (Terraform, CloudFormation, Bicep).
  • Experience with CSPM, CWPP/CNAPP, SIEM, SOAR, and vulnerability management tools.
  • Knowledge of compliance frameworks and cloud shared responsibility models.

Similar jobs

Senior Officer, AI Cloud and Security

International Federation of Red Cross and Red Crescent Societies - IFRCIndiana, United States· 1 wk ago
Information Technologyapply on careers.ifrc.org