Director, Senior Cloud Security Architect

Senior Cloud Security Architect At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Job Description The Senior Cloud and AI Security Architect is responsible for defining and driving the enterprise cloud security architecture strategy while enabling the use of AI to enhance cloud security capabilities. This role combines deep expertise in cloud platforms, cybersecurity architecture, and security engineering with strong knowledge of AI‑driven technologies and their practical application in security. The role holder leads the design of secure, scalable, and resilient cloud architectures, establishes security standards and reference patterns, and acts as a strategic advisor on how AI can be leveraged to improve cloud security posture, automate controls, strengthen threat detection, and increase operational efficiency. In addition, the role will support the development and execution of Cloud Security Strategy and Governance. This role is in New York, NY or Pittsburgh, PA. What to expect Be part of a team responsible for shaping enterprise cloud security architecture across public cloud and cloud‑native platforms. Drive adoption of AI for cloud security from a controls, process and operations perspective. Partner closely with cloud engineering, platform teams, DevSecOps, IAM, infrastructure, risk, compliance, and audit stakeholders. Define scalable and repeatable cloud security patterns that enable secure adoption of AWS, Azure, and GCP services. Help translate regulatory, policy, and control requirements into practical architecture standards and implementation guidance. Drive alignment between cloud architecture decisions and recognized frameworks such as NIST SP 800‑53, NIST CSF, CIS, CSA CCM, and OWASP. In this role, you’ll make an impact in the following ways Define and lead the cloud security architecture strategy across enterprise cloud platforms and services. Develop and maintain cloud security reference architectures, design patterns, standards, and guardrails. Act as an AI enabler for cloud security by identifying, assessing, and promoting AI use cases that improve security outcomes. Drive the adoption of AI‑driven capabilities for threat detection, risk analysis, automation, incident response, and security operations. Partner with cloud engineering, platform, data, AI, and cybersecurity teams to integrate AI securely and effectively into cloud security processes and tooling. Evaluate emerging cloud security and AI technologies and recommend innovations that enhance resilience, efficiency, and risk management. Advise senior leadership and key stakeholders on cloud security risks, architecture decisions, and strategic technology direction. Support security transformation initiatives by embedding security‑by‑design and automation‑by‑design principles into cloud adoption programs. To be successful in this role, we’re seeking the following 10+ years of cloud security architecture, enterprise security architecture, or cybersecurity engineering. 7+ years of direct experience designing and securing cloud environments in one or more major cloud service providers such as Azure, AWS, GCP or OCI. Deep understanding of cloud security principles including IAM, zero trust, network segmentation, encryption, key management, logging, monitoring, and workload protection. Strong understanding of AI and machine learning concepts, with practical experience applying AI to cybersecurity or security operations use cases. Experience with security automation, orchestration, analytics, and AI-driven security tooling. Ability to translate complex technical concepts into clear architectural direction for technical and non‑technical stakeholders. Excellent stakeholder management, communication, and influencing skills. Proven ability to lead cross‑functional initiatives in complex enterprise environments. Experience working with CSPM/CNAPP tools such as Wiz. Experience with cloud‑native posture and policy services. Experience with container and Kubernetes security, API security, and CI/CD security architecture. Preferred qualifications Familiarity with NIST 800.53, CSF, CIS Benchmarks, CSA CCM and OWASP guidance. Experience with cloud security tooling such as CSPM, CNAPP, DSPM, CWPP, or SIEM integrations. Relevant certifications such as CISSP, CCSP, AWS Security Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer. Master’s degree in computer science, engineering, cybersecurity, or related discipline. Core responsibilities by domain: Cloud security architecture Define secure cloud design principles and reference patterns. Map architecture decisions to NIST SP 800‑53 controls and related enterprise requirements. Engineering partnership Work with platform operational teams, DevOps, and application teams to operationalize security architecture decisions. Promote implementation through reusable patterns, automation, and policy enforcement. Risk and governance Review high-risk cloud initiatives, balance and document residual risk, audits, and regulatory reviews with defensible architecture rationale. Cloud security strategy and governance Support the development and execution of the enterprise Cloud Security Strategy. Help define cloud security standards, governance processes, and architecture review criteria. Partner with risk, compliance, and audit stakeholders to ensure cloud security architecture remains aligned to enterprise obligations and regulatory expectations. Cloud security posture management Define the target‑state posture management architecture across third‑party and cloud‑native capabilities. Establish standards for preventing and detecting cloud misconfigurations. AI Enablement for Cloud Security Act as an AI enabler by identifying opportunities to apply AI to strengthen cloud security outcomes. Drive adoption of AI capabilities to improve threat detection, posture analysis, risk prioritization, and security operations efficiency. Help streamline cloud security tooling, processes, and workflows through intelligent automation and AI‑driven insights. Promote practical and responsible use of AI as a force multiplier for cloud security effectiveness, scalability, and operational maturity. BNY is an Equal Employment Opportunity/Affirmative. BNY assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $83,000 and $209,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long‑term incentive packages, and Company‑sponsored benefit programs. This position is at‑will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors. #J-18808-Ljbffr