Information Security Engineering Manager

Position Overview

A Senior Cloud Security Engineer is a highly experienced professional responsible for designing, implementing, and managing an organization's cloud security posture. The role involves proactively identifying and mitigating risks, automating security controls, and collaborating with cross-functional teams to integrate security throughout the software development lifecycle. This position must consider and understand Business processing needs as well as internal and external customer requirements as well as compliance requirements such as PCI and SOX. The Security Engineering team directly supports and leads all operational security tools and processes related to IT security. This position must work in conjunction and enhance the CISO's overall organizational security goals.

The Senior Cloud Security Engineer role will report into the Head of Security Engineering and Architecture position.

Essential Duties & Responsibilities

• Secure cloud architecture: Design and implement secure network architectures across multiple cloud environments, such as AWS, Azure, and GCP. This includes configuring network segmentation, access controls, and account structures.
• Threat and vulnerability management: Monitor cloud environments for threats and misconfigurations. Conduct security assessments, penetration testing, and analyze security alerts using tools like SIEM platforms.
• Identity and access management (IAM): Define and manage IAM policies, enforce role-based access controls (RBAC), and adhere to the principle of least privilege across all cloud platforms.
• Compliance and governance: Ensure cloud systems meet regulatory requirements and industry security standards (e.g., NIST, CIS, ISO 27001, SOC 2).
• Incident response: Assist with investigating and responding to security incidents and breaches in cloud environments.
• Collaboration and mentorship: Work closely with engineering and DevOps teams to balance security needs with operational requirements. Act as a subject matter expert and mentor junior team members.
• Security automation and DevSecOps: Embed security practices into CI/CD pipelines using infrastructure-as-code tools like Terraform and scripting languages such as Python.

Experience, Skills & Knowledge

• Technical skills:
• Deep knowledge of cloud security tools, such as CNAPP, CSPM, and SIEM platforms.
• Proficiency in scripting languages like Python, PowerShell, or Bash.
• Strong understanding of network security principles, including firewalls, IDS/IPS, and VPN technologies.
• Experience providing consultation services in the area of technology architecture.
• Expertise in securing cloud-native services, containers (Docker), and orchestration tools (Kubernetes).
• Professional skills:
• Ability to effectively multi-task, prioritize and adapt in a fast-paced, dynamic business environment
• Excellent problem-solving and analytical abilities.
• Strong written and verbal communication skills for technical documentation and cross-functional collaboration.

Preferred

• Education: Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience working with a Global company.
• Certifications: Professional certifications are highly desirable, such as:
• Vendor-neutral: CISSP, CCSP.
• AWS: Certified Security - Specialty.
• Azure: Security Engineer Associate.
• Container Security: Certified Kubernetes Security Specialist (CKS).

Ralph Lauren will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance laws. Please note background checks will be evaluated individually.