Lead, Cyber Security Operations- Cloud/Containers

Prudential Financial
NJ, US
Full-time

Job Classification :

Technology - Information Security

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency?

Your Team & Role

As a Lead, Cyber Security Operations- Cloud / Containers on the Attack Surface Management Team, you will partner with other security professionals across the Information Security Office, the Chief Technology Office, and other groups in Prudential to drive Prudential’s Cloud security efforts across the global enterprise.

You will lead the team to detect and respond to cloud and container vulnerabilities across the multiple technology stacks (images, open source, 3rd party software, etc).

You will partner with ASM teams such as Application Security and Configuration Compliance leaders to identify secure by design opportunities to enhance baseline capabilities and establish preventive controls.

In addition, you will help leaders evolve and grow the strategic direction of the program and contribute to security standards, drive enablement of new capabilities (container vulnerability management, SBOM implementation, serverless computing) and identification of attack surface reduction opportunities.

You will work on significant and unique issues where analysis of context-based risk, unique business environments or vulnerability exploitability requires an evaluation of variables to drive time-sensitive risk reduction efforts.

In your efforts, you will continuously look at opportunities to automate and strengthen controls. An agile and continuous improvement / learning mindset is needed as part of our team.

Here is What You Can Expect on a Typical Day :

  • Lead the cloud security strategy, including the design and implementation of attack surface reduction and security configurations across all cloud environments (AWS, Azure, GCP, etc.).
  • Manage and oversee the vulnerability management program, including regular scanning, assessment, prioritization, and remediation of security vulnerabilities.
  • Collaborate with the Attack Surface Management team to identify and address security risks associated with cloud environments and ensure that they are properly mitigated.
  • Develop and maintain cloud security policies, procedures, and best practices in alignment with industry standards and regulatory requirements.
  • Act as a subject matter expert (SME) for cloud and container security, providing guidance to development, operations, and security teams on best practices and emerging threats.
  • Oversee the implementation of security tools and technologies to monitor and protect cloud infrastructure.
  • Support and assist security incident response efforts related to cloud environments, working closely with the Incident Response team to support any investigations.
  • Conduct regular risk assessments and support evaluation of the effectiveness of security controls and identify areas for improvement.
  • Stay up-to-date with the latest security trends, threats, and technologies, and recommend innovative solutions to enhance the security posture of the organization.
  • Collaborate with external partners, vendors, and auditors to ensure compliance with security standards and regulations.
  • Management of requirements for scanning policies, coverage and lifecycle management processes for vulnerabilities and misconfigurations (Qualys, Wiz).

This includes configuration-based assessments where automated detections are not available.

  • Identification and monitoring of high-risk software, services and ports.
  • Responsible for continuous monitoring of attack surface and ensuring remediation governance via escalation to business and risk advisors.
  • Partner with support organizations to establish security standards, design requirements and build the roadmap to implement cloud security controls to ensure the secure deployment of cloud-based resources.
  • Work to Operationalize new processes for cloud and container continuous monitoring.
  • Provide mentorship, training, and guidance for team members, working with and guiding more junior team members.
  • Support managers and Prudential leadership on new initiatives and opportunities to grow our security practices.
  • Ensures proper communication of the program’s results, opportunities, and deficiencies, as needed, to Prudential upper management.
  • Leverage Security Operations and tool / process specific knowledge to resolve complex technical / process / people problems the team faces.
  • Partner with leadership to set direction for the future of the VM and Cloud Security monitoring program, while ensuring an accurate understanding and in-depth knowledge of daily operations to provide team recommendations.
  • Tracking, rating, and ranking of highly critical vulnerabilities along with all coordination with business unit owners to ensure required adherence to SLAs.
  • Responsible for review and approval of remediation deferment requests, escalation where appropriate

The Skills & Expertise You Bring

  • Bachelor of Computer Science or Software Engineering or experience in related fields
  • Experience with agile development methodologies and Test-Driven Development (TDD).
  • Knowledge of business concepts, tools and processes that are needed for making sound decisions in the context of the company's business.
  • Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges.
  • Ability to coach others with some guidance and effectively leverage diverse ideas, experiences, thoughts, and perspectives to the benefit of the organization.
  • Strong communication skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
  • Excellent problem solving, communication, and collaboration skills. Ability to think creatively, innovate and challenge status quo processes or procedures.
  • Experience using industry-standard vulnerability scanning and security tools (Qualys, Tenable, Wiz, NMAP, Cloud Native AWS, Azure)
  • Experience with standard frameworks, such as OWASP, MITRE ATT&CK, and NIST.
  • In-Depth knowledge of threat intelligence frameworks & methodology that will help aid the response process.
  • Familiarity with defensive and monitoring technologies such intrusion prevention / detection systems (IPS / IDS), Web Application Firewalls (WAFs) security information and event management systems (SIEMs), firewalls, endpoint protection (EPP) and endpoint detection / response (EDR) tools, as well as user and entity behavior analytics (UEBA).

Advanced experience with several of the following :

  • Proven experience leading security initiatives in cloud environments, including designing and implementing security controls.
  • Strong understanding of network security, encryption, identity and access management, and incident response.
  • Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security, GCP Professional Cloud Security Engineer) are highly desirable.
  • Demonstrated experience in cloud security, vulnerability management, and / or related cybersecurity roles
  • Strong experience with cloud platforms (AWS, Azure, GCP) and their security features
  • In-depth knowledge of vulnerability management tools (e.g., Qualys, Nessus, Rapid7, Wiz) and cloud security frameworks (e.

g., CIS, NIST, ISO 27001).

Preferred qualifications :

  • IT Security certification beyond intro level certifications, (e.g., GCFA, GCIA, GNFA, GCTI, GREM, GCIH, GCFA, GPEN, OSCP, etc.).
  • Cloud (AWS, Azure, GCP, etc.) Certs
  • Other Security Certifications beyond intro level
  • Scripting background (Python, Perl, bash, etc.)

You’ll Love Working Here Because You Can

Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better.

As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities.

You’ll be surprised by what this rock-solid organization has in store for you.

What we offer you :

  • Market competitive base salaries, with a yearly bonus potential at every level
  • Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave
  • Retirement plans :
  • 401(k) plan with company match (up to 4%)
  • Company-funded pension plan
  • Wellness Programs to help you achieve your wellbeing goals, including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs
  • Work / Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
  • Tuition Assistance to help finance traditional college enrollment toward obtaining an approved degree, many accredited certificate programs, and industry designations.
  • Employee Stock Purchase Plan : Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.
  • 30+ days ago
Related jobs
Promoted
CACI
Florham Park, New Jersey

Operations Lead – Optical and Photonic Systems. CACI is seeking an operations lead to support the Optical and Photonic Systems division. Support the division leader with special projects and briefings as needed. Stand in for the division lead as needed. ...

Promoted
ADP (Automatic Data Processing)
Roseland, New Jersey

As Lead Cloud Security Analyst, you will join a highly skilled team providing world-class infrastructure and network security assessments and security consultation for ADP's. ADP is hiring a Lead Cloud Security Analyst. You will focus on supporting CVM Cloud initiatives by leveraging a variety of se...

Samsung SDS America
Ridgefield Park, New Jersey

Lead and mentor a team of cloud operations professionals, fostering a culture of collaboration, innovation, and excellence. Seasoned team leader with experience inspiring collaborative team environments, overseeing daily operations, and leading team through conflict resolution. Evaluate the IT infra...

S&P Global
Princeton, New Jersey

Lead GenAI Cloud Security Engineer will drive the Cloud security and GenAI/LLM security architecture, provide leadership to mature the security engineering program, develop security tooling, mentor others and be hands-on partner to our software, SRE and QA Teams. Experience implementing cloud securi...

EY
Hoboken, New Jersey

Develop strategic and tactical security architecture efforts, design and drive cloud security and security architecture implementations to completion, and function as a cyber security leader for traditional and evolving security architecture. Must have 4 years of experience in Cloud security project...

Prudential Financial
Newark, New Jersey

Prudential’s Cyber Security Operations Specialists are a critical part of the company’s Cyber Defense and Response team. As a Cyber Security Operations Specialist, you will triage, track, and help mitigate potential cyber events. Direct background or experience working in a SOC or other Cyber Securi...

Guardian Life
Holmdel, New Jersey

Are you passionate about cyber security and solving complex problems? Do you want to join a dynamic and collaborative team that protects Guardian's technology assets from cyber threats and play a key role in ensuring and maintaining the security and integrity of our cloud-based systems and data? If ...

Guardian Life Insurance Company
Holmdel, New Jersey

The Guardian Cyber Security Engineering team engineers, builds and owns a broad variety of cutting-edge security controls that fall in the domains of Network, Endpoint, Data, Identity, Cloud and Application security within the Secure CI/CD Pipeline and are deployed within SAAS, PAAS, Private and Pub...

Prudential Financial
Newark, New Jersey

As VP, Product Owner, Cyber Security Operations you will serve as the executive leader of Prudential’s Global 24/7/365 Cyber Security Operation. Candidates for this role are expected to be experienced cyber security operations leaders. Cyber Security Operations Analysis and Management . Lead, mentor...

ADP
Roseland, New Jersey

The CSA team is responsible for leading these efforts for ADP worldwide across a broad set of security disciplines providing an integrated security ecosystem to detect, defend, and respond to business impacting cyber and physical security, data protection, and fraud prevention. The Cyber Security Ar...