AVP – Cloud Security
| Company | Cna Financial Corp |
|---|---|
| Location | Remote in USA, Chicago, IL, USA |
| Salary | $152000 – $242000 |
| Type | Full-Time |
| Degrees | Bachelor’s, Master’s |
| Experience Level | Expert or higher |
Requirements
- Expert knowledge of cloud system architecture and key cloud security concepts.
- Proven track record in hiring and managing cloud security staff.
- Expertise in Google Cloud Platform and other cloud platform security solutions.
- Deep knowledge of cloud methodologies (IaaS, PaaS, SaaS), automation, orchestration, cost frameworks, trends, and industry-leading cloud vendor offerings and integrations.
- Hands-on experience configuring cloud security services (IAM, SCC, CloudTrail, etc.) and relevant certifications.
- Experience with DevSecOps, Agile Methodologies, third-party cloud security tools, and Cloud Native Application Architectures.
- Proficient in evaluating risks in line with information security goals and organizational risk tolerance, supported by strong analytical capabilities.
- Excellent interpersonal, verbal, presentation, and written communication skills for effective interaction with internal and external stakeholders.
- Ability to work independently, under pressure, and meeting deadlines while exhibiting high levels of motivation, confidence, and responsibility.
- Excellent project management skills with effective organization and planning abilities to successfully achieve project goals.
- Bachelor’s Degree required; Master’s preferred in Computer Science or related discipline, or equivalent experience.
- Minimum of ten years of IT Security experience, with recent cloud security experience.
- Experience with cloud security and governance tools, and server virtualization technologies.
Responsibilities
- Develops and coordinates CNA’s Cloud Security strategy, ensuring secure transition and adoption of cloud services, and communicates effectively with project stakeholders to convey technical and process improvement requirements.
- Ensures the security of all CNA’s Cloud Platforms and services such as Google’s IaaS, PaaS (e.g., BigQuery, Cloud SQL), Azure services, and similar services.
- Manages a large team of experienced technical cloud security professionals, overseeing their performance and development.
- Designs and implements strategies and plans to securely transition CNA to the cloud, maintaining acceptable information risk levels.
- Designs and implements cloud-native security frameworks and defense-in-depth strategies to meet business requirements with minimal risk.
- Provides expert understanding of cloud, application development, infrastructure management, and information security, translating these into business terms for IT and business personnel.
- Maintains knowledge of Google Cloud Platform (GCP), AWS and Azure offerings for cloud security and their application to CNA.
- Manages and operates external cloud security solutions (e.g., CWPP, CSPM, logging, etc).
- Recommends tactical and strategic initiatives to mitigate risks, monitoring and assessing new threats to cloud environments.
- Provides guidance and technical leadership in developing security standards and guidelines for cloud infrastructure, aligning with enterprise architecture, risk profile, and policy requirements.
- Documents and advises on security improvements that balance risk with business operations and innovation.
- Collaborates with Legal to identify and assess legal and regulatory issues affecting information security in cloud services.
- Participates in Customer Assessment reviews of organization’s security controls for cloud environments.
- Drives responses to external and internal audit’s security controls for cloud environments and ensures timely remediation.
Preferred Qualifications
- Relevant certifications preferred (e.g., IT Security and Cloud).