AWS Cloud Security Assurance Manager

Overview:

We are seeking a highly skilled and experienced AWS Cloud Assurance Manager to lead the design, execution, and continuous improvement of the Cloud Security Assurance (CSA) program across AWS environments. This role is responsible for establishing cloud security strategy, integrating assurance activities with cloud governance routines, and maintaining visibility into the cloud business roadmap to proactively manage risk.

The ideal candidate brings deep expertise in cloud security posture management, vulnerability identification and analysis, and workload protection, combined with strong people leadership and the ability to drive technology initiatives through cross functional collaboration. This role oversees a small team of cloud security specialists responsible for CSPM, CWPP, and consolidated cloud risk monitoring and escalation.

Job Responsibilities:

• Design and execute the Cloud Security Assurance (CSA) strategy for AWS environments in alignment with enterprise security objectives and cloud adoption goals.

• Integrate CSA activities with cloud governance routines, ensuring consistent governance, transparency, and leadership visibility into cloud risk and control effectiveness.

• Maintain ongoing visibility into the cloud business roadmap to anticipate emerging risks, influence secure architecture decisions, and align security priorities with business initiatives.

• Drive cloud security technology requirements and lead technology initiative efforts, including tool selection, implementation, integration, and operational maturity.

• Provide oversight of vulnerability identification, security posture management, and vulnerability analysis processes across AWS accounts, regions, and services.

• Establish and govern operational processes for triage, prioritization, escalation, and remediation tracking of high risk cloud findings.

• Own cloud security posture, vulnerability, and risk metrics, including executive level reporting and audit ready documentation.

• Lead and develop a team of cloud security specialists, setting clear expectations, performance goals, and development plans.

• Partner with Cloud Engineering, DevOps, Architecture, GRC, and Risk teams to embed security controls into cloud platforms, standards, and delivery pipelines.

• Act as a subject matter expert and trusted advisor for cloud security assurance, posture management, and cloud risk governance.

Required Qualifications:

• Deep understanding of AWS native services, architectures, and security controls.

• Strong knowledge of cloud security posture management, vulnerability management, and workload protection concepts.

• Experience integrating cloud security assurance with governance, risk, and compliance frameworks.

• Working knowledge of cloud threat landscapes, attack paths, and risk based prioritization.

• Experience leading CSPM, CWPP, and related cloud security platforms and tooling.

• Understanding of DevSecOps practices and integration of security controls into CI/CD pipelines.

• Ability to translate technical cloud risk into clear business impact for leadership and audit audiences.

• Proven experience leading and developing technical security teams.

• Strong analytical, qualitative, and quantitative reasoning skills.

• Ability to operate independently on complex, high visibility initiatives.

• Excellent written and verbal communication skills, with the ability to influence across technical and non-technical audiences.

• CISSP, CISM, CCSP

• AWS Security Specialty or equivalent cloud security certifications

• SANS or GIAC cloud and security certifications

• Experience supporting regulated environments and audit engagements

• Bachelor’s degree in a technical or security related field

This job will be open and accepting applications for a minimum of seven days from the date it was posted