IT Security Specialist

Job Title: IT Security Specialist

Location: Chicago, IL or Washington, DC (100% onsite)

Duration: March 10, 2025 - June 30, 2025

Job Description:

Join our dynamic Global Information Security (GIS) team as an IT Security Specialist. This role is crucial for our Cloud Defense team, ensuring secure Public Cloud service consumption. We seek Cloud Architects to collaborate with Technology Infrastructure, CIO teams, and Operational Risk partners to develop secure cloud usage patterns and blueprints.

Key Responsibilities:

• Ensure IT systems meet enterprise standards, comply with regulations, and manage risk appropriately.
• Assess and evaluate security controls for cloud infrastructure (IaaS, PaaS, SaaS) based on industry best practices, compliance requirements, and bank security policies.
• Implement security measures to protect against threats, vulnerabilities, and breaches in Azure and AWS environments.
• Develop and maintain documentation for cloud security controls, policies, and procedures.
• Monitor and evaluate the effectiveness of existing cloud security controls and recommend enhancements.
• Conduct regular security assessments and audits of cloud environments to identify and mitigate potential security threats and vulnerabilities.
• Participate in internal and external audits to demonstrate compliance with cloud security requirements.
• Collaborate with DevOps, IT, and business teams to integrate security controls into cloud deployments and CI/CD pipelines.
• Stay current with emerging cloud security trends, technologies, and best practices.

Primary Interactions:

• Product Owner
• Development Lead
• Project/Solution Architect
• Scrum Master/Project Manager
• Senior Engineer
• Information Security Engineer
• Architect Community of Practice
• BISO
• Operational Risk

Required Skills:

• Experience in cloud security, compliance, risk management, privacy, governance, and internal audit.
• Experience building enterprise security strategies for cloud adoption or evolving programs to meet new requirements.
• Hands-on expertise in Security Architecture, automation, integration, and deployment (DevOps).
• Knowledge of key differences between popular cloud provider solutions and cloud orchestration tools (e.g., Azure, AWS, GCP, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker).
• Experience architecting solutions within AWS, Azure, and GCP.
• Strong domain expertise in cloud infrastructure computing, network, storage, and the cloud control plane.
• Experience with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
• Experience building security reference architecture for all-in cloud deployments and hybrid scenarios.
• Familiarity with enterprise security solutions such as WAF, IPS, Anti-DDOS, and SIEM.
• Understanding of compliance security standards across the enterprise IT landscape.
• Knowledge of enterprise risk management methods and techniques for successful outcomes in a globally distributed environment.
• Working knowledge of cloud computing technologies and workload transition challenges.
• Growth mindset with a passion for learning and using new/emerging technologies.
• Ability to work independently and collaboratively on cross-functional teams.