Director, Cloud Security Engineering

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world.  As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.
 

Position Purpose:
The Director of Cloud Security will be responsible for leading and managing the organization's cloud security initiatives, ensuring the protection of cloud-native applications and on-premises environments. This role will oversee the Cloud Native Application Protection Platform (CNAPP) and the Tenable scanning environment, ensuring robust security measures are in place to safeguard against threats and vulnerabilities. The Director will collaborate with cross-functional teams to develop and implement security strategies, policies, and procedures that align with industry best practices and regulatory requirements. This position requires a deep understanding of cloud security technologies, risk management, and compliance standards to effectively protect the organization's digital assets.

• Develop and execute comprehensive cloud security strategies for AWS and Azure environments.
• Oversee the implementation and management of the Cloud Native Application Protection Platform (CNAPP).
• Manage the on-premises Tenable scanning environment to ensure continuous monitoring and assessment of security vulnerabilities.
• Collaborate with cross-functional teams to establish and enforce security policies and procedures.
• Ensure compliance with industry standards and regulatory requirements.
• Conduct risk assessments and implement mitigation strategies to protect digital assets.
• Stay updated with the latest cloud security trends and technologies to enhance the organization's security posture.
• Deep understanding and expertise regarding enterprise and cloud security architecture.
• Directs development of  reference architecture and implementation patterns related to security solutions, with an emphasis on AWS security services (e.g., IAM, KMS, CloudTrail, GuardDuty, Config, WAF, Control Tower).
• Collaborates on cross-program and cross-project Security Architecture strategies, opportunities, and problem resolution, including hybrid and multi-cloud environments.
• Drives collaboration with DevOps, Cloud Engineering, and Application Development teams to embed security into CI/CD pipelines and cloud-native applications.
• Ensures conformance and compliance of projects and programs with architectural security guidelines and regulatory frameworks (e.g., NIST, ISO 27001, HIPAA) as applied to AWS, Azure and other cloud platforms.
• Drives and assists in aligning new security initiatives with senior management, particularly in the context of cloud workload migrations, cloud-native application development, and zero-trust architecture.
• Directs and guides the security staff in identifying, developing, implementing, and maintaining security processes to reduce risks, respond to incidents, and limit attack surface to the company’s cloud environments.
• Supports the mitigation of significant security risks, designs strategies and programs to prevent and minimize loss of organizational assets, all while optimizing costs and leveraging Azure-native automation and monitoring capabilities.
• Advises senior management of changes in the technical, legal, and regulatory areas impacting Information Security, especially those related to Microsoft’s evolving cloud compliance landscape.
• Assists with risk assessments closures and ensures that resulting action items are addressed in a timely manner, including cloud-specific threat modeling and secure design reviews.
• Assists with the development and implementation of security controls for Kubernetes clusters, containers, microservices, API’s and service mesh security patterns.
• Stays current with emerging cloud security capabilities, threats, vulnerabilities, and regulatory requirements.
• Performs other duties as assigned.
• Complies with all policies and standards.

Education/Experience:
Requires a Bachelor's degree and 7+ years of related experience, including prior management experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Technical Skills:

• Experience with cloud security strategies for AWS and Azure environments
• Experience with Infrastructure As A Service (IaaS); Platform as a Service (PaaS); Software as a Service (SaaS)
• Knowledge of Cloud native and third-party security solutions

Soft Skills:

• Ability to lead/manage others
• Collaboration and team building skills
• Effectively coaches and delivers constructive feedback
• Instills commitment to organizational goals
• Ability to communicate and make recommendations to upper management
• Effective conflict management skills
• Develops and delivers effective presentations
• Demonstrated negotiation skills
• Ability to analyze and interpret financial data in order to facilitate on projects initiatives and goals

Certifications:

• CISSP, CASP, CISM, AWS security or app/dev certifications, or Azure Security Certifications preferred

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules.  Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law, including full-time or part-time status.  Total compensation may also include additional forms of incentives. Benefits may be subject to program eligibility.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act