Cloud Security Manager

Description

Locations: This role will require a 3-day hybrid work schedule in one of our primary organizational hubs including: Johnston, RI - Pittsburgh, PA - Phoenix, AZ - Westwood or Medford, MA - Charlotte, NC - Plano, TX - Iselin, NJ 

Position Overview 

At our organization, we are committed to excellence, and as part of our team, you’ll be equipped for a rewarding career filled with dynamic challenges and opportunities for growth. The Cloud Security Manager will spearhead the enterprise-wide strategy for establishing, deploying, and operationalizing a robust Cloud Security Posture Management (CSPM) solution to safeguard our cloud environments. This leader will play a pivotal role in ensuring the security of our cloud infrastructure while collaborating with cross-functional teams to align with organizational Cybersecurity Policies and risk-based priorities. 

This position demands exceptional leadership, deep technical expertise, and the ability to work seamlessly with technology, business, audit, and compliance stakeholders. The Cloud Security Manager will also focus on developing actionable metrics and maintaining transparency with Federal Regulators, enterprise risk teams, and auditors. 

Key Responsibilities 

Cloud Security Posture Management: 

• Lead the deployment and operationalization of a comprehensive CSPM solution across multi-cloud environments (AWS, Azure, GCP). 
• Develop and implement strategies to identify, assess, and mitigate cloud-specific risks and misconfigurations. 

Technical Oversight: 

• Oversee the integration and management of cloud security tools, including those for identity and access management, encryption, and threat detection. 
• Ensure adherence to industry standards such as NIST, CIS, ISO 27001, and CSA CCM. 

Cloud and Infrastructure Leadership: 

• Provide strategic direction for securing cloud workloads, containers, and serverless architectures. 
• Collaborate with DevOps and engineering teams to embed security practices into CI/CD pipelines (DevSecOps). 

Risk Management and Collaboration: 

• Establish KPIs to monitor cloud security effectiveness and report on the organization’s risk posture. 
• Engage with Federal Regulators, internal/external audit teams, enterprise risk, compliance, and senior leadership to ensure transparency and alignment. 
• Communicate cloud security risks, mitigation strategies, and progress to executive stakeholders. 
• Build strong partnerships with cloud architecture, infrastructure, and application development teams. 

Team Leadership: 

• Manage and mentor a team of cloud security professionals, fostering a culture of innovation, accountability, and continuous improvement. 

Required Experience and Skills 

• 10+ years of experience in cybersecurity, with a strong emphasis on cloud security and infrastructure protection. 
• 5+ years of leadership experience, including managing technical teams. 
• Proven expertise in standing up and operationalizing large-scale cloud security solutions in AWS, Azure, or GCP environments. 
• Familiarity with tools such as cloud-native security platforms, SIEM, and vulnerability management systems. 
• In-depth knowledge of risk management frameworks (e.g., NIST 800-53, CIS Controls, CSA CCM). 
• Demonstrated ability to drive security initiatives across complex, enterprise-scale cloud environments. 
• Exceptional communication skills, with the ability to distill complex technical topics for non-technical stakeholders and regulators. 
• Solid understanding of cloud security standards, including IAM, network security, and encryption best practices. 

Education and Certifications 

• A bachelor’s degree in Computer Science, Information Security, or a related field. 
• Preferred Certifications: OSCP, CISSP, CCSP, CISM, AWS Certified Security Specialty, Microsoft Certified: Cybersecurity Architect Expert, or equivalent. 

Pay Transparency

The salary range for this position is $175,000 - $210,000 per year  plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.  

We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens’ paid time off policy exceeds the mandatory, paid sick or paid time-away policy of very local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits.

Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens), provides equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability, or history or record of a disability, ethnicity, gender, gender identity or expression, transgendered and transitioning individuals, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens we are committed to fostering an inclusive culture that enables colleagues to bring their best selves to work every day and where all are expected to be treated with respect and professionalism. Employment decisions are based solely on experience, performance, and ability. We perform our best so we can do more for our customers, colleagues, communities and shareholders.