Bring your ideas. Make history. BNY Mellon offers an exciting array of future-forward careers at the intersection of business, finance, and technology. We are one of the world's top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known as the "bank of banks" - 97% of the world's top banks work with us as we lead and serve our customers into the new era of digital.
With over 238 years of rich history and industry firsts, BNY Mellon has been built upon our proven ability to evolve, lead, and drive new ideas at every turn. Today, we're approximately 50,000 employees across 35 countries with a culture that empowers you to grow, take risks, experiment and be yourself. This is what #LifeAtBNYMellon is all about.
We're seeking a future team member in the role of Senior Cloud Security & Automation Engineer to join our Cyber Cloud Security team in the Information Security Department (ISD). This role is located in Pittsburgh, PA or Lake Mary, FL - Hybrid.
What to expect:
Be part of team that is laser focused on delivering a transformative cloud security program that is in alignment with BNY Mellon's overall cloud strategy.
Provided with an opportunity to further finetune and specialize in skills across all cyber disciplines.
You will collaborate with passionate leaders, technologists, architects, engineers, and cyber professionals that strive to enable business securely with innovative technology and solutions.
Strong partnership and support from the Cloud Service Providers (Azure, GCP, AWS) and Cyber Security partners and vendors we do business with.
An opportunity to influence the bank's cloud security and automation strategy.
In this role, you'll make an impact in the following ways:
Design, implement, and maintain secure cloud environments in accordance with industry best practices and regulatory requirements.
Optimize cloud security controls and capabilities (e.g., CSPM, DSPM, etc.) to ensure IaaS, SaaS, PaaS, and FaaS cloud service compliance with relevant regulations, standards, organizational policies, and design patterns through continuous assessment and reporting.
Integrate security tools and practices into our continuous integration and continuous delivery (CI/CD) pipeline, ensuring security is embedded in all stages of the software development lifecycle.
Partner closely with cloud architecture, cloud engineering, developers, and other line-of-business representatives to develop and refine automation capabilities for a multitude of Cloud Service design patterns.
In partnership with SOC and IR implement monitoring and logging solutions to detect and respond to security threats and incidents in real-time.
Provide security domain expertise on protective controls, to include system, network, encryption, and authentication services.
Collaborate with stakeholders to define security requirements and provide guidance on secure development practices.
Develop and maintain documentation related to security policies, procedures, and best practices.
Provide training and support to development and operations teams on security-related topics and tools.
To be successful in this role, we're seeking the following:
Bachelor's or Graduate degree in engineering, computer science or a related discipline or equivalent work experience required.
10+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
3-4 years of larger scale application scripting/development experience combined with 2-3 years of direct experience working with and securing cloud native workloads in one or more of the three major cloud service providers (Microsoft Azure, Google Cloud Platform, and AWS).
Expertise in cloud-native container and container orchestration security (e.g., Azure Kubernetes Service).
Experience developing Infrastructure-as-code/Policy-as-code components and automation using languages and tools like Python, Terraform, ARM/BICEP to name but a few.
Experience in implementing security controls in CI/CD pipelines, third party security tools (e.g., Rego) and cloud native policies.
Experience in API Security and implementation of appropriate security controls.
Experience with software architectures and development/scripting experience in at least one programming language.
Experience with cyber security related processes and tooling (e.g., Vulnerability management, IAM).
Familiarity with adopting cloud security frameworks and best practices (e.g., NIST, CIS, CSA CCM, and OWASP).
At BNY Mellon, our inclusive culture speaks for itself. Here's a few of our awards:
Fortune World's Most Admired Companies & Top 20 for Diversity and Inclusion
Bloomberg's Gender Equality Index (GEI)
Human Rights Campaign Foundation, 100% score Corporate Equality Index
Best Places to Work for Disability Inclusion , Disability: IN - 100% score
100 Best Workplaces for Innovators, Fast Company
CDP's Climate Change 'A List'
Our Benefits:
BNY Mellon offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves that can support you and your family through moments that matter.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
Employer Description:
For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments and safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark: bnymellon.com/careers.
EEO Statement:
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans. Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.