[Remote] Corporate Vice President - Cloud Security Engineer
Note: The job is a remote job and is open to candidates in USA. New York Life is a Fortune 100 mutual company that is evolving into a more technology-, data-, and AI-enabled organization. They are seeking a Senior Cloud Security Engineer to architect, deploy, and operate secure cloud application infrastructure while enhancing the company’s security posture within cloud computing environments.ResponsibilitiesDevelop and maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineersSecure business applications and computing environments across public, private or hybrid cloud infrastructuresProtect business applications in compliance with privacy, security, business resiliency and compliance frameworks as defined in corporate policiesMaintain a consistent, secure environment using configuration management solutions (e.g., Puppet, Chef, Ansible, etc.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accountsDeploy strong identity and access management (IAM) controls across applications and computing environmentsAttend regular technical project and implementation meetings, and serve as the security consultant to help guide secure application and infrastructure configurationsActively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environmentsManage remediation efforts after security assessment findings outline weaknesses requiring attentionDocument, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovationAssist in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discoveredStay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices and proceduresAct as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teamsAttend and fully engage in change and project management meetingsPerform other duties as assignedSkillsAt least 5-7+ years' experience in security and systems administration across a wide variety of cloud infrastructure, including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS)Strong work ethic, leverage analytical and critical thinking, and be skillful at meeting change requests at a moment's noticeStrong listening and communication skillsDevelop and maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineersSecure business applications and computing environments across public, private or hybrid cloud infrastructuresProtect business applications in compliance with privacy, security, business resiliency and compliance frameworks as defined in corporate policiesMaintain a consistent, secure environment using configuration management solutions (e.g., Puppet, Chef, Ansible, etc.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accountsDeploy strong identity and access management (IAM) controls across applications and computing environmentsAttend regular technical project and implementation meetings, and serve as the security consultant to help guide secure application and infrastructure configurationsActively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environmentsManage remediation efforts after security assessment findings outline weaknesses requiring attentionDocument, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovationAssist in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discoveredStay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices and proceduresAct as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teamsAttend and fully engage in change and project management meetingsPerform other duties as assignedAt least 5-7+ years' experience in cybersecurity as a practitioner and with at least 2-3+ years exposure with Amazon Web Services (AWS), Microsoft Azure or VMwareStrong Linux and Windows support skillsExperienced in cloud networking architecture and cloud operationsNetwork and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI)Experience with scripting languages such as Python, Ruby, PowerShell and JavaScriptExperienced in the use of threat intelligence services in a production environmentUp-to-date understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelinesTrack record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectivelyCloud access security broker (CASB) experienceIAM experience, including familiarity with authentication protocols (e.g., OAuth, SAML and OpenID) and privileged access management (e.g., secret manager, cyberARK)Familiarity with security solutions such as Wiz and SentinelOne, as well as tool such as Docker, Kubernetes and AWS CloudTrailExperience and understanding of various regulatory requirements and laws is a plus. Relevant regulations include but are not limited to: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), New York State Department of Financial ServicesExperience achieving compliance with established framework (e.g., ITIL, NIST, CSA, ISO)Team leadership experience to help with the organizational and team dynamics in a growing fieldBenefitsOvertime eligible: ExemptDiscretionary bonus eligible: YesSales bonus eligible: NoEmployees are eligible for an annual discretionary bonusEmployees may also be eligible to participate in an incentive programWe provide a full package of benefits for employees – and have unique offerings for a modern workforce, including leave programs, adoption assistance, and student loan repayment programsCompany OverviewFor over 180 years, we’ve helped turn your biggest dreams into milestones that last a lifetime. It was founded in 1845, and is headquartered in Leawood, Kansas, USA, with a workforce of 10001+ employees. Its website is https://www.newyorklife.com/amn.Company H1B SponsorshipNew York Life has a track record of offering H1B sponsorships, with 19 in 2026, 148 in 2025, 99 in 2024, 85 in 2023, 77 in 2022, 48 in 2021, 65 in 2020. Please note that this does not guarantee sponsorship for this specific role.