📍 Job Overview

• Job Title: Vice President, Senior Cloud Security Controls Enablement Specialist, Global Information Security, Australia
• Company: Bank of America
• Location: Sydney, New South Wales, Australia
• Job Type: Full-Time
• Category: Cybersecurity, Cloud Security, Information Security
• Date Posted: April 14, 2025
• Experience Level: 5-10 years
• Remote Status: On-site

🚀 Role Summary

• 📝 Enhancement Note: This role focuses on designing, implementing, and managing security controls across multi-cloud environments, with a strong emphasis on Azure and AWS platforms. The ideal candidate will possess a robust background in cloud security, architecture principles, and industry standards, working closely with various teams to ensure the security of cloud-based applications, data, and infrastructure.

💻 Primary Responsibilities

• 📝 Enhancement Note: The primary responsibilities of this role revolve around leading the design and implementation of secure cloud architectures, evaluating and recommending new cloud security technologies, and ensuring appropriate security measures are in place to protect against threats and breaches in Azure and AWS environments.

• 📝 Enhancement Note: This role also involves conducting regular security assessments and audits, defining and implementing security controls and policies, maintaining and updating risk registers, and ensuring compliance with relevant security standards and regulations. Additionally, the role requires providing guidance and training to stakeholders on cloud security best practices and acting as a liaison between the security team and other departments.

• 📝 Enhancement Note: The candidate will collaborate with DevOps, IT, and business teams to integrate security controls into cloud deployments and CI/CD pipelines, staying current with emerging cloud security trends, technologies, and best practices. They will also participate in security research, community engagements, industry forums, and knowledge-sharing initiatives.

🎓 Skills & Qualifications

Education

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)

Experience

• At least 5 years of experience in cloud security, with a strong focus on Azure and AWS platforms
• Proven experience in cloud security architecture, risk assessment, and compliance
• Experience in designing, implementing, and managing security controls at scale

Required Skills

• 📝 Enhancement Note: The required skills for this role include a strong understanding of cloud security principles and best practices for Azure and AWS platforms, extensive knowledge of security tools and technologies, experience with cloud and containerized technologies, and hands-on experience with PKI secrets management platforms.

• Strong understanding of cloud security principles and best practices for Azure and AWS platforms

• Extensive knowledge of security tools and technologies such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management

• Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration

• Knowledgeable in network security, including AWS networking primitives, security groups, network access control lists, proxies, firewall and WAF technologies

• Experience building and implementing IaC/PaC governance strategies

• Experience with cloud and containerized technologies, AKS, EKS, ECS, serverless, Kubernetes and Docker

• Experience with PKI secrets management platforms (e.g., Azure Key Vault, AWS, KMS, AWS Secrets Manager, HashiCorp Vault)

• DevSecOps experience building and deploying infrastructure with build and test automation technologies terraform, cloudformation, ansible, docker, jenkins

• Hands-on experience designing and deploying cloud security controls at scale

• Extensive knowledge of public cloud service providers and the threats to workloads within those environments

• Hands-on experience with cloud security solutions, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP)

• 5 years of experience in cloud security

• Currently hold active AWS Security Specialty or Azure AZ-500 certification

• In-depth understanding of cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks

Preferred Skills

• Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable
• Strong communication and interpersonal skills to work effectively with cross-functional teams
• Ability to manage multiple projects and priorities in a fast-paced environment

📊 Web Portfolio & Project Requirements

• 📝 Enhancement Note: As this role focuses on cloud security, a portfolio showcasing experience in cloud security architecture, risk assessment, and compliance is essential. Include case studies demonstrating the design, implementation, and management of security controls across multi-cloud environments, with a strong emphasis on Azure and AWS platforms.

• Portfolio Essentials:

  • Case studies demonstrating cloud security architecture, risk assessment, and compliance projects
  • Examples of security controls implemented and managed at scale
  • Documentation showcasing security policies, procedures, and risk registers
  • Evidence of participation in security research, community engagements, industry forums, and knowledge-sharing initiatives

• Technical Documentation:

  • Detailed diagrams and written explanations of security architectures
  • Documentation of security controls, policies, and procedures
  • Risk assessments and mitigation strategies
  • Compliance reports and audit findings

💵 Compensation & Benefits

Salary Range: AUD 250,000 - AUD 350,000 per annum (Based on market research and industry standards for senior cloud security roles in Australia)

Benefits:

• Competitive benefits package, including health, dental, and vision insurance
• Retirement savings plan with company matching contributions
• Generous time-off policies, including vacation, sick leave, and holidays
• Employee stock purchase plan
• Tuition assistance and professional development opportunities
• Employee discounts on banking and financial services

Working Hours: Full-time position with standard banking hours, Monday to Friday, 9:00 AM to 5:00 PM. Occasional flexibility may be required to support maintenance windows and project deadlines.

📝 Enhancement Note: The salary range provided is an estimate based on market research and industry standards for senior cloud security roles in Australia. The actual salary may vary depending on the candidate's experience, qualifications, and the company's internal compensation structure.

🎯 Team & Company Context

🏢 Company Culture

Industry: Financial Services

Company Size: Large (over 200,000 employees)

Founded: 1904

Team Structure:

• Global Information Security team, focusing on protecting the organization's information assets and maintaining compliance with security standards and regulations
• Collaborative and cross-functional team structure, working closely with various departments, including IT, DevOps, and business teams

Development Methodology:

• Agile/Scrum methodologies for cloud security projects
• Regular code reviews, testing, and quality assurance practices
• Deployment strategies, CI/CD pipelines, and server management

Company Website: Bank of America

📝 Enhancement Note: Bank of America is a large financial services company with a global presence, focusing on providing a wide range of banking and financial services to consumers, small and middle-market businesses, and large corporations. The company is committed to responsible growth, delivering for clients, teammates, communities, and shareholders, and fostering a diverse and inclusive workplace.

📈 Career & Growth Analysis

Cloud Security Career Level: Senior Cloud Security Controls Enablement Specialist, with a focus on designing, implementing, and managing security controls across multi-cloud environments, particularly Azure and AWS platforms.

Reporting Structure: This role reports directly to the Global Head of Cloud Security and is part of the Global Information Security team. The role may have supervisory responsibilities, managing junior cloud security specialists or contributing to the development of other team members.

Technical Impact: This role has a significant impact on the organization's overall security posture, ensuring the protection of cloud-based applications, data, and infrastructure. The candidate will work closely with various teams to integrate security controls into cloud deployments and CI/CD pipelines, driving a security-first culture across the organization.

Growth Opportunities:

• 📝 Enhancement Note: As a senior role within the Global Information Security team, this position offers opportunities for growth and development in various areas, such as technical leadership, architecture decision-making, and expanding expertise in emerging cloud security technologies and trends.

• Technical skill development and specialization in emerging cloud security technologies and trends

• Technical leadership potential, with opportunities to manage junior team members and contribute to architecture decisions

• Career progression paths within the Global Information Security team or broader organizational roles

📝 Enhancement Note: The growth opportunities for this role are tied to the candidate's ability to demonstrate strong technical expertise, leadership skills, and a commitment to driving a security-first culture within the organization. The candidate should be proactive in seeking out new learning opportunities, participating in industry forums, and contributing to the development of other team members.

🌐 Work Environment

Office Type: Modern, collaborative office space with dedicated workstations, meeting rooms, and breakout areas

Office Location(s): Sydney, New South Wales, Australia

Workspace Context:

• Collaborative work environment, with opportunities for cross-functional collaboration with IT, DevOps, and business teams
• Access to necessary tools and resources for cloud security work, including multi-cloud environment access, security tools, and documentation software
• Flexible work arrangements, with the option to work from home on a case-by-case basis, subject to business needs and manager approval

Work Schedule: Standard banking hours, Monday to Friday, 9:00 AM to 5:00 PM, with occasional flexibility required to support maintenance windows and project deadlines.

📝 Enhancement Note: The work environment for this role is a modern, collaborative office space that encourages cross-functional collaboration and knowledge-sharing. The candidate should be comfortable working in a dynamic, fast-paced environment and be able to manage multiple projects and priorities effectively.

📄 Application & Technical Interview Process

Interview Process:

1. Online Assessment: A short online assessment to evaluate the candidate's technical skills and problem-solving abilities
2. Phone Screen: A brief phone call to discuss the candidate's experience, qualifications, and career goals
3. On-site Interview: A series of on-site interviews with members of the Global Information Security team, focusing on the candidate's technical expertise, cloud security experience, and cultural fit
4. Final Decision: A final decision will be made based on the candidate's performance throughout the interview process and their fit with the team and organization

Portfolio Review Tips:

• Highlight case studies demonstrating cloud security architecture, risk assessment, and compliance projects
• Include examples of security controls implemented and managed at scale
• Showcase documentation of security policies, procedures, and risk registers
• Emphasize participation in security research, community engagements, industry forums, and knowledge-sharing initiatives

Technical Challenge Preparation:

• Brush up on cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks
• Familiarize yourself with Azure and AWS platforms, their networking primitives, security groups, and network access control lists
• Prepare for questions related to cloud security tools and technologies, such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management
• Review your experience with cloud and containerized technologies, AKS, EKS, ECS, serverless, Kubernetes, and Docker
• Be ready to discuss your experience with PKI secrets management platforms and DevSecOps practices

ATS Keywords:

• Cloud Security, Azure, AWS, Security Architecture, Risk Assessment, Compliance, DevSecOps, Infrastructure as Code, Containerization, Security Controls, Incident Response, Security Audits, Documentation, Collaboration, Communication, Training

📝 Enhancement Note: The interview process for this role is designed to evaluate the candidate's technical expertise, cloud security experience, and cultural fit within the Global Information Security team. The candidate should be prepared to discuss their experience with cloud security architecture, risk assessment, and compliance, as well as their familiarity with Azure and AWS platforms, security tools, and industry best practices.

📌 Application Steps

To apply for this Senior Cloud Security Controls Enablement Specialist position at Bank of America:

1. Submit your application through the application link provided in the job listing
2. Customize your resume and portfolio to highlight your cloud security experience, architecture, risk assessment, and compliance projects
3. Prepare for the online assessment and phone screen by reviewing cloud security principles, best practices, and industry frameworks
4. Research Bank of America's company culture, mission, and values to demonstrate your fit with the organization during the on-site interview
5. Practice common interview questions and brush up on your technical skills to excel in the on-site interview process

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.