Information Technology Security Analyst

The Senior Lead, Cloud provides expert guidance to business lines to ensure the secure design, development, and implementation of complex cloud projects and initiatives. This role ensures alignment with the Bank’s Information Security Standards and compliance with industry regulations. In this senior advisory capacity, you will support multiple business lines, helping them make informed decisions to protect information assets deployed in Public Cloud environments.

• Advising on secure cloud architecture and design for high profile initiatives.
• Ensuring cloud solutions comply with enterprise security standards and regulatory requirements.
• Guiding business lines through risk identification, mitigation strategies, and secure implementation practices.
• Supporting decision making related to the protection of information assets in GCP, Azure, and other cloud environments.

• Influence the design and security posture of high profile cloud initiatives across GCP and Azure.
• Shape and enforce cloud security patterns, standards, and best practices across the enterprise.
• Partner directly with technical leads and business stakeholders to guide secure cloud adoption.
• Conduct Threat Risk Assessments on major cloud programs and drive remediation strategies.
• Strengthen the bank’s cloud governance, compliance, and audit readiness.
• Provide advisory oversight to ensure cloud solutions meet security, compliance, and business objectives.

• Design and implement security controls for cloud-based applications and infrastructure.
• Develop and enforce cloud security patterns, policies, standards, and procedures.
• Conduct comprehensive Threat Risk Assessments (TRAs) on large, high profile GCP and Azure initiatives.
• Evaluate existing security solutions and recommend enhancements or new architectures.
• Identify vulnerabilities, weaknesses, and gaps in cloud environments and propose remediation strategies.
• Provide advisory support on applying the bank’s security standards to cloud technologies.
• Oversee the security posture of assigned lines of business, ensuring appropriate tools and controls are applied.
• Support risk management activities and respond to compliance assessments and third party audits.
• Work directly with technical leads to support cloud initiatives from an Information Security perspective.

Pay Range - $68.00-$84.00

1. 10+ years of hands on technical experience performing security assessments on cloud platforms, CI/CD pipelines, network infrastructure, and complex applications, including risk assessments for cloud migrated workloads.
2. 6+ years of experience in security solution architecture, software development, or hands on implementation of cloud environments, security controls, and cloud based solutions.
3. Strong knowledge of cloud technologies and cloud security across GCP, Azure, or AWS, including Kubernetes, IAM, CI/CD pipelines, Terraform, and infrastructure as code.
4. Familiarity with industry standards and frameworks such as NIST 800-53, ISO 27001/27002/27017/27018, PCI DSS, and CIS benchmarks.

• Experience with GCP and Kubernetes (strong asset).
• Experience supporting compliance assessments, audits, and cloud governance processes.

• Strong communication and documentation skills.
• Ability to translate complex technical requirements into clear, actionable guidance.
• Strong stakeholder management and advisory capabilities.
• Analytical mindset with the ability to identify risks and propose practical solutions.
• Ability to work independently and collaborate across large, matrixed environments.

• Cloud security or cloud architecture certifications (Google, Microsoft, AWS).
• Additional security certifications (CISSP, CISM, CCSP, CRISC) considered an asset.

MS Teams Interview – 1 round - 1 hour – Hiring manager + 2