Director, Senior Cloud Security Architect

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary.

The Senior Cloud and AI Security Architect is responsible for defining and driving the enterprise cloud security architecture strategy while enabling the use of AI to enhance cloud security capabilities. This role combines deep expertise in cloud platforms, cybersecurity architecture, and security engineering with strong knowledge of AI-driven technologies and their practical application in security.

The role holder leads the design of secure, scalable, and resilient cloud architectures, establishes security standards and reference patterns, and acts as a strategic advisor on how AI can be leveraged to improve cloud security posture, automate controls, strengthen threat detection, and increase operational efficiency.

In addition, the role will also support the development and execution of Cloud Security Strategy and Governance. This role is in New York, NY or Pittsburgh, PA.

• Be part of a team responsible for shaping enterprise cloud security architecture across public cloud and cloud-native platforms. 
• Drive adoption of AI for cloud security from a controls, process and operations perspective.
• Partner closely with cloud engineering, platform teams, DevSecOps, IAM, infrastructure, risk, compliance, and audit stakeholders. 
• Define scalable and repeatable cloud security patterns that enable secure adoption of AWS, Azure, and GCP services. 
• Help translate regulatory, policy, and control requirements into practical architecture standards and implementation guidance. 
• Drive alignment between cloud architecture decisions and recognized frameworks such as NIST SP 800-53, NIST CSF, CIS, CSA CCM, and OWASP.

In this role, you’ll make an impact in the following ways

• Define and lead the cloud security architecture strategy across enterprise cloud platforms and services.
• Develop and maintain cloud security reference architectures, design patterns, standards, and guardrails.
• Act as an AI enabler for cloud security by identifying, assessing, and promoting AI use cases that improve security outcomes.
• Drive the adoption of AI-driven capabilities for threat detection, risk analysis, automation, incident response, and security operations.
• Partner with cloud engineering, platform, data, AI, and cybersecurity teams to integrate AI securely and effectively into cloud security processes and tooling.
• Evaluate emerging cloud security and AI technologies and recommend innovations that enhance resilience, efficiency, and risk management.
• Advise senior leadership and key stakeholders on cloud security risks, architecture decisions, and strategic technology direction.
• Support security transformation initiatives by embedding security-by-design and automation-by-design principles into cloud adoption programs. 

• 10+ years of cloud security architecture, enterprise security architecture, or cybersecurity engineering.
• 7+ years of direct experience designing and securing cloud environments in one or more major cloud service providers such as Azure, AWS, GCP or OCI.
• Deep understanding of cloud security principles including IAM, zero trust, network segmentation, encryption, key management, logging, monitoring, and workload protection.
• Strong understanding of AI and machine learning concepts, with practical experience applying AI to cybersecurity or security operations use cases.
• Experience with security automation, orchestration, analytics, and AI-driven security tooling.
• Ability to translate complex technical concepts into clear architectural direction for technical and non-technical stakeholders.
• Excellent stakeholder management, communication, and influencing skills.
• Proven ability to lead cross-functional initiatives in complex enterprise environments.
• Experience working with CSPM/CNAPP tools such as Wiz 
• Experience with cloud-native posture and policy services
• Experience with container and Kubernetes security, API security, and CI/CD security architecture. 

• Familiarity with NIST 800.53, CSF, CIS Benchmarks, CSA CCM and OWASP guidance. 
• Experience with cloud security tooling such as CSPM, CNAPP, DSPM, CWPP, or SIEM integrations. 
• Relevant certifications such as: CISSP, CCSP, AWS Security Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer 
• Master’s degree in computer science, engineering, cybersecurity, or related discipline. 

• Define secure cloud design principles and reference patterns. 
• Map architecture decisions to NIST SP 800-53 controls and related enterprise requirements. 

• Work with platform operational teams, DevOps, and application teams to operationalize security architecture decisions. 
• Promote implementation through reusable patterns, automation, and policy enforcement. 

• Review high-risk cloud initiatives, balance and document residual risk
• ums, audits, and regulatory reviews with defensible architecture rationale. 

• Support the development and execution of the enterprise Cloud Security Strategy. 
• Help define cloud security standards, governance processes, and architecture review criteria. 
• Partner with risk, compliance, and audit stakeholders to ensure cloud security architecture remains aligned to enterprise obligations and regulatory expectations.

• Define the target-state posture management architecture across third-party and cloud-native capabilities. 
• Establish standards for preventing and detecting cloud misconfigurations 

AI Enablement for Cloud Security

• Act as an AI enabler by identifying opportunities to apply AI to strengthen cloud security outcomes. 
• Drive adoption of AI capabilities to improve threat detection, posture analysis, risk prioritization, and security operations efficiency. 
• Help streamline cloud security tooling, processes, and workflows through intelligent automation and AI-driven insights. 
• Promote practical and responsible use of AI as a force multiplier for cloud security effectiveness, scalability, and operational maturity

At BNY, our culture speaks for itself, check out the latest BNY news at:

BNY Newsroom

BNY LinkedIn 

 Here’s a few of our recent awards: 

• America’s Most Innovative Companies, Fortune, 2025
• World’s Most Admired Companies, Fortune 2025
• “Most Just Companies”, Just Capital and CNBC, 2025

Our Benefits and Rewards:

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. 

BNY is an Equal Employment Opportunity/Affirmative 

**POSITION SUMMARY:** The Vice President, Information Security plays a pivotal role in safeguarding BNY's information assets by developing, implementing, and managing security strategies. This position is crucial in upholding BNY's Principles of trust and integrity, ensuring that security measures align with the organization's Strategic Pillars. As an Individual Contributor, the Vice President is responsible for leveraging their expertise in the Information Security field to mitigate risks and enhance the protection of sensitive data across the company. This role supports the broader mission of BNY by maintaining a secure and resilient digital environment, fostering an organizational culture of security awareness. **PRIMARY RESPONSIBILITIES:** - Develop and implement comprehensive information security strategies by applying advanced knowledge of security protocols and risk management. - Conduct regular security assessments and audits by utilizing industry-standard practices to identify vulnerabilities and recommend improvements. - Collaborate with cross-functional teams to integrate security measures into business processes, ensuring seamless protection of digital assets. - Monitor emerging security threats and trends, providing expert insights to proactively address potential risks. - Lead incident response efforts by coordinating with relevant stakeholders to ensure timely resolution and mitigation of security breaches. - Educate and train employees on security best practices, fostering a culture of security awareness across the organization. **EDUCATION/QUALIFICATIONS:** - Bachelor's degree in Information Security, Computer Science, or a related field - Advanced certifications such as CISSP or CISM are preferred **EXPERIENCE:** Typically 6-10 years of experience **SKILLS:** - Strong analytical and problem-solving skills, with the ability to assess complex security challenges - Excellent communication and collaboration capabilities to work effectively with various teams - Proficiency in security tools and technologies, demonstrating expertise in the Information Security domain

BNY assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $83,000 and $209,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs. 
This position is at-will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors.