Serves as the subject matter expert for cloud, application, workload, and cloud-native security architecture across the Bank.
Designs and validates secure cloud and application environments, embedding controls across workloads, containers, automation pipelines, and DevSecOps.
Works closely with development, cloud, and operations teams to ensure secure-by-design and consistent implementations in multi-cloud and hybrid setups.
Translates cloud and application security objectives into actionable controls and measurable outcomes aligned with enterprise security strategy.
Conducts posture assessments and defines security baselines for workloads, applications, and automation processes.
Identifies risks from emerging cloud-native technologies and drives structured remediation and improvement programs.
Represents the Bank in solutioning forums, advising on secure design adoption for development, automation, and platform engineering.
Ensures cloud security tools, governance frameworks, and architectural principles are effectively integrated across environments.
Contributes to enterprise programs such as Cyber Defense, Zero Trust, and technology modernization by embedding scalable security practices.
Ensures security automation, container governance, and application controls are designed for consistent use across regions and platforms.
Identifies and quantifies risks in cloud, application, and DevSecOps domains, mapping them to regulatory and enterprise compliance requirements.
Provides recommendations to address control gaps and strengthen compliance in dynamic CI/CD environments.
Ensures projects incorporate required security controls from design through deployment, validating implementations across services and pipelines.
Evaluates cloud and application security tools for scalability, fit, and integration efficiency, providing structured recommendations.
Acts as a change agent by promoting secure coding, pipeline standardization, and security integration within agile and DevSecOps workflows, while advising on architecture decisions that balance security, efficiency, and sustainability.
Job Requirements:
Bachelor's Degree in Computer Science, Information Security, Software Engineering, or a related field.
Advanced studies or specialization in Cloud Computing or Cybersecurity is advantageous.
Minimum 810 years of experience in IT security, together with cloud & application security, or DevSecOps, preferably within a regulated or financial services environment.
At least 5 years hands-on experience designing or engineering secure cloud architectures, workloads, and automation pipelines.
Minimum 3 years exposure to cloud-based security platforms and enterprise security tools.
Demonstrated expertise integrating application and container security within modern CI/CD ecosystems and ensuring compliance with industry standards.
Preferred certifications include CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, or Google Cloud Security Engineer. Complementary credentials such as CISSP, CISM, or DevSecOps/Container Security (GIAC, Kubernetes Security Specialist) are a plus.
