Cloud Security Manager

Glocomms is partnered with a leading financial services organization to identify a seasoned Cloud Security Manager to lead and evolve its cloud security program. This individual will oversee a team responsible for securing multi-cloud environments (AWS, Azure, GCP), driving vulnerability management, and implementing advanced solutions to optimize team operations. The ideal candidate combines technical depth with strategic leadership and a passion for automation and innovation.

Key Responsibilities:

• Lead and mentor a team of cloud security engineers and analysts. This includes conducting regular team assessments and performance reviews and making recommendations related to hiring and compensation, as necessary.
• Oversee the implementation and optimization of CNAPP/CSPM platforms such as Prisma Cloud, Wiz, and Aqua Security.
• Manage vulnerability detection and remediation workflows using tools like CrowdStrike, Nessus, Qualys, Brinqa, Kenna, Vulcan, and Dazz.
• Develop and enforce custom security controls and policies to address misconfigurations, false positives, and out-of-box (OOB) limitations.
• Collaborate with DevOps and infrastructure teams to integrate security into CI/CD pipelines and Kubernetes environments.
• Identify and implement automation opportunities to streamline security operations and reduce manual effort.
• Ensure compliance with internal SLAs and regulatory requirements for cloud security posture and incident response.
• Partner with enterprise risk and compliance teams to align cloud security initiatives with business objectives.
• Leverage platforms like Avalor and Brinqa for risk-based prioritization and reporting.

Required Qualifications:

• 7+ years of experience in cybersecurity, with at least 3 years in a cloud security leadership role.
• Proven experience managing security in multi-cloud environments (AWS, Azure, GCP).
• Hands-on expertise with CNAPP/CSPM tools (e.g., Prisma, Wiz, Aqua) and vulnerability management platforms (e.g., CrowdStrike, Nessus, Qualys).
• Strong understanding of Kubernetes security, cloud-native architectures, and infrastructure-as-code.
• Familiarity with security data platforms such as Brinqa, Kenna, Vulcan, Dazz, and Avalor.
• Demonstrated success in people management, team development, and cross-functional collaboration.
• Excellent communication skills and the ability to translate technical risks into business impact.

Preferred Qualifications:

• Industry certifications such as CISSP, CCSP, AWS/Azure/GCP Security Specialty.
• Experience in financial services or other highly regulated industries.
• Knowledge of compliance frameworks (e.g., NIST, ISO 27001, SOC 2, PCI-DSS).

Work Environment:

This is a hybrid role requiring on-site presence Tuesday through Thursday at one of the organization's key locations (Malvern, Charlotte, or Dallas), with remote flexibility on Mondays and Fridays. Unfortunately, visa sponsorship is not available at this time.