Sr Lead, Cloud Security Engineering
Northern Trust · Chicago, IL · 2 wk ago
Engineering$115k–$195k/yrFull-time
Role Description
The Sr Lead Cloud Security Engineer plays a crucial role in ensuring the security, compliance, and resilience of cloud environments, with a focus on supporting Policy as Code (PaC) and Infrastructure as Code (IaC) practices. This role involves implementing security controls, utilizing security tooling for Cloud Security Posture Management (CSPM), and collaborating with application developers’ security champions. As a technical leader you will also mentor junior Engineers.
Responsibilities
- Design, implement and support security measures for cloud platforms (3rd Party, Open Source, native), with a specific emphasis on Azure and AWS
- Develop PaC and IaC through Terraform, maintaining security policies and procedures aligned with industry-standard frameworks such as CIS and NIST 800-53
- Utilize and Implement CSPM tools such as Wiz and Microsoft Defender for Cloud to continuously assess, monitor, and enforce security controls
- Work closely with security champions in various business units, providing guidance and support for their specific security needs
- Contribute to cloud security roadmap to further enhance cloud security practices
- Conduct regular security assessments, audits, and reviews of cloud configurations
- Investigate and respond to security incidents, conducting root cause analysis and implementing corrective actions
- Mentor junior team members
Skills
- Minimum of 3 years working in public cloud as an engineer or developer role
- Minimum of 5 years working as an Engineer, Developer, or Architect in Information Technology preferably Cybersecurity, at least 8-12 years of total experience in IT.
- Strong Infrastructure-as-Code (IaC) expertise using Terraform
- Proficiency in Python or familiarity with Python-based DevOps tooling and automation frameworks
- Expertise with Git-based version control CI/CD processes and technologies (e.g., GitHub Actions, GitHub Package Repository)
- Deep understanding of cloud security principles and the integration of security into development workflows
- Practiced knowledge of cloud infrastructure (AWS, Azure, or GCP) and cloud-native architectures
- Experience with privileged access management and identity systems (e.g., Azure Entra, Okta, Ping) is a plus
- Hands-on proficiency with integrated testing tools
- Effective written and verbal communication skills to collaborate with cross-functional teams
Reasonable Accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.