Senior Director, Cloud Security & AI Security
Berkshire Hathaway Specialty Insurance · Boston, MA · 2 wk ago
Information Technology$150k–$220k/yrFull-time
Duties & Responsibilities
- Develop and maintain the organization’s cloud security and AI security strategy, standards, and policies across IaaS, PaaS, and SaaS environments.
- Define and enforce cloud architecture security principles aligned with Zero Trust.
- Identify and enforce AI security controls and configurations aligned with our cloud architecture.
- Lead cloud and AI risk assessments, gap analysis, and initiative planning.
- Guide migration and modernization efforts to ensure secure-by-design implementations.
- Oversee the configuration, monitoring, and continuous improvement of: CSPM, CWPP/CNAPP, SIEM/SOAR integrations for cloud telemetry, Identity threat detection (ITDR).
- Ensure continuous monitoring for misconfigurations, vulnerabilities, and anomalies.
- Support cloud & AI IAM frameworks (least privilege, conditional access, workload identities).
- Drive cloud-related adoption of encryption, secrets management, and key management (BYOK/CMK).
- Ensure efficacy of data classification and DLP controls across cloud environments.
- Embed security controls and testing into CI/CD pipelines in collaboration with AppSec.
- Oversee IaC scanning and container security while supporting SAST/DAST and supply chain security.
- Collaborate with engineering to remediate findings and architect secure workloads.
- Ensure cloud environments meet regulatory and compliance requirements.
- Own cloud security and AI security audits and evidence collection.
- Mature asset inventories, risk registers, and control documentation.
- Build and mentor a team of cloud security & AI security engineers/analysts.
- Provide regular reporting to security leadership and executives.
- Partner across technology, infrastructure, DevOps, and architecture.
Qualifications, Skills And Experience
- 5–10+ years of experience in cybersecurity, with a focus on cloud security.
- Hands-on experience with AWS, Azure, or GCP security services.
- Strong knowledge of: Cloud IAM and identity governance, Network security (VPCs/VNets, firewalls, segmentation), Cloud-native monitoring, threat detection, and logging, Infrastructure-as-Code (Terraform, CloudFormation, Bicep).
- Experience with CSPM, CWPP/CNAPP, SIEM, SOAR, and vulnerability management tools.
- Knowledge of compliance frameworks and cloud shared responsibility models.