Sr. Lead - Cyber Security Cloud Engineer

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Cyber Security Engineer (Cloud) - Sr. Lead

Position Overview

Northern Trust is seeking a Sr Lead, Cloud Security Engineer to secure a highly available multi-cloud provider environment for an organization undergoing an exciting transformation to the cloud. The job will require the right candidate to secure cloud infrastructure to protect Northern Trust’s cloud-hosted assets and applications. The role is responsible for designing, implementing, and governing cloud security controls across enterprise cloud platforms, with a strong focus on Microsoft Azure. This role will act as a technical leader driving secure‑by‑design cloud architectures, security automation, and compliance at scale, while partnering closely with Cloud Platform, DevOps, and Risk teams.

This role requires a hands‑on security engineer who can define cloud security strategy, build security tooling, and influence the cloud roadmap while ensuring alignment with enterprise risk and regulatory requirements.

Key Responsibilities

Cloud Security Engineering & Architecture

• Develop, implement, and enforce Policy-as-Code (PaC) for cloud environments (Azure and AWS) to configure, detect, remediate, and enforce security standards.
• Define and implement security policies based upon CIS/NIST industry benchmarks.
• Support remediation of security vulnerabilities and misconfiguration using Cloud Posture Management and ITSM tooling in accordance with Service Level Agreements (SLA).
• Configure, enhance, and operate cloud security posture management platforms (e.g., Wiz) for pre-deployment scanning of IaC code to protect infrastructure.
• Evaluate new technology options for cloud security, vendor products to make recommendations to leadership.
• Participate in IT Service Management (ITSM) change, incident, and general requests.
• Review cloud designs and solutions to ensure compliance with security standards and best practices.
• Drive Zero Trust and defense‑in‑depth security models across cloud environments.

Security Platforms & Tooling

• Implement and manage cloud security technologies such as:
  • Cloud Security Posture Management (CSPM)
• Lead the integration of security controls into CI/CD pipelines (DevSecOps).
• Build and maintain security automation using scripting and Infrastructure‑as‑Code.

Governance, Risk & Compliance

• Define and implement cloud security policies, standards, and control frameworks.
• Partner with Risk, Compliance, and Audit teams to support regulatory and internal audits.
• Ensure alignment with industry standards such as ISO 27001, NIST, CIS benchmarks, and SOC controls.
• Conduct threat modeling, security assessments, and risk reviews for cloud workloads.

Incident Response & Security Operations

• Provide subject‑matter expertise for cloud‑related security incidents.
• Support investigations and root cause analysis for cloud security events.
• Enhance detection, monitoring, and incident response capabilities for cloud environments.

Leadership & Collaboration

• Act as a technical SME for cloud security within the organization.
• Mentor engineers on cloud security engineering practices.
• Collaborate closely with Cloud Engineering, Platform, DevOps, and Infrastructure teams.
• Influence and drive the Azure security roadmap in alignment with organizational goals.

Qualifications

Education & Experience:

• Bachelor’s degree in Computer Science, Cyber Security, Engineering, or related technical field.
• 8+ years of experience in Cloud Infrastructure, 5+ years in Cloud Security/Engineering with 13+ years of total work experience in Technology Infrastructure.
• Real hands-on experience with at least one major cloud provider (Microsoft Azure (preferred) or AWS).
• Strong experience with Infrastructure as Code (IaC) — Terraform preferred.
• Proficiency in code and scripting languages to include Python, PowerShell, YAML
• Proficiency in Agile, Scrum, Kanban
• Proficiency in DevOps and CI/CD tooling, such as GitHub, GitHub Actions, ADO, etc.
• Experience embedding security controls into CI/CD pipelines.
• Independently managing workload, coordinating priorities with technical leads, and completing deliverables per the processes and standards.
• Relevant certifications from Azure, AWS, CSA, ISC2.
• Experience securing regulated enterprise environments.
• Prior experience leading or shaping cloud security programs at scale.
• Strong problem-solving, communication, and cross-functional collaboration skills.
• Excellent communication, mentorship, and ability to influence cross-functional teams.

Preferred Qualifications

Demonstrate extensive abilities and/or a proven record of success in the following:

• Strong passion for end-to-end DevOps automation via CI/CD pipelines to deploy Infrastructure as Code (IaC) and usage of tools (e.g., ADO, GitHub/Actions, Jenkins, or equivalents).
• Ability to manage infrastructure environments, configurations, and IaC scripts to support application pattern and workflows via self-service automation (e.g., Backstage.io).
• Support all phases of the cloud resource lifecycle management and develop new IaC automation capabilities when new cloud service products are created and business need.
• Proficiency in code and scripting languages to include Python, Perl, Ruby, PowerShell, YAML
• Proficiency in waterfall and Agile, Scrum, Kanban, SAFe, etc. delivery methodologies
• Knowledge and experience in testing automation harnesses and frameworks
• Understanding and ability to ensure operational stability and enforcement of security controls via Policy-as-Code and IaC automation.
• Independently managing workload, coordinating priorities with technical leads, and completing deliverables per the processes and standards
• Ability to work independently and manage multiple tasks and projects and maintain day-to-day management and administration of projects in an Agile environment.
• Principal leader on infrastructure-as-code (IaC) automation (e.g., Terraform) to guide pattern architecture via IaC to provide acceleration to dev team end users programmatically.
• Expert in modern software DevOps and CI/CD tooling, such as GitHub, GitHub Actions, ADO, Jenkins, etc., to provision infrastructure resources and prevent configuration drift.
• Evaluates new technology options for cloud automation, vendor products to make recommendations to leadership to integrate into DevOps infrastructure frameworks.
• Participate in IT Service Management (ITSM) change, incident, and general requests for cloud platform support for business as usual (BAU) operations.

Success Indicators

• Secure by default cloud platforms with automated guardrails.
• Reduced cloud security risks through proactive design and controls.
• Improved security visibility and incident response in cloud environments.
• Strong alignment between cloud security strategy and the Azure/WS Roadmap.
• Strong technical mentorship and uplift of Cloud Security Engineering capabilities.
• developer productivity through reusable frameworks and standards.
• Trusted technical advisor to architecture, security, and business leadership.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.

About Our Pune Office

The Northern Trust Pune office, established in 2016, is now home to over 3,000 employees. The office handles various functions, including Operations for Asset Servicing and Wealth Management, as well as delivering critical technology solutions that support business operations across the globe.

Our Pune team takes our commitment to service to heart. In 2024, they volunteered more than 10,000+ hours into the communities where they live and work. Learn more.