We are seeking a highly experienced Cloud Security Engineer to lead the deployment, operationalization, and continuous improvement of Cloud Security tooling across our multi-cloud enterprise environment. This position will also be responsible for Cloud native AWS tooling and automating solutions leveraging GitLab deployments, including AWS Guard Duty, Defender for Cloud, Security Hub, AWS Inspector, etc.. via Terraform. Familiar with AI capabilities leveraging Amazon Bedrock and Azure Foundry. ESSENTIAL DUTIES AND RESPONSIBILITIES Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. - Wiz Platform Deployment & Ownership - CSPM, CWPP, CI/CD Integration & Remediation - Platform Expertise: Hands-on experience building and auditing services like AWS IAM, AWS KMS, Azure Active Directory (Entra ID), Azure Key Vault, and Azure Security Center. - Network & Infrastructure Security: Hardening virtual private clouds (VPCs), configuring Web Application Firewalls (WAFs), and implementing secure micro-segmentation. - Infrastructure-as-Code (IaC) Security: Integrating automated security "guardrails" directly into CI/CD pipelines to catch vulnerabilities before they reach production.  Threat Detection & Incident Response: Monitoring cloud trails (e.g., AWS CloudWatch or Microsoft Sentinel - Scripting & Automation: Proficiency in scripting languages such as Python or PowerShell, and configuration languages like Terraform or ARM templates. - Compliance Frameworks: Deep understanding of regulatory standards like CSA, NIST, CIS benchmarks and Zero Trust architectures. - Industry Certifications: Preferred credentials include the Certified Cloud Security Professional (CCSP), AWS Certified Security 6 Specialty, and Microsoft Certified: Azure Security Engineer Associate. - Lead the implementation of new Cloud security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff - Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions. - Responsible for technical support of Cloud security technologies providing expert problem analysis and resolution in a timely manner. - Leads teams or projects with moderate resource requirements, risk, and complexity. - Leadership, Strategy & Governance Qualifications Required Qualifications The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. - Bachelors degree or equivalent education, training, and work-related experience. - Minimum of 5 years of experience in security engineering or related cybersecurity roles. - Advanced knowledge in cybersecurity principles, theories, and concepts. - Proven experience in software development lifecycle security practices. - Advanced knowledge of threat modeling, security testing, and penetration testing. - Experience implementing and managing complex information security technologies. Preferred Qualifications - 7+ years Cloud Security experience - 6+ years securing AWS/Azure/GCP - Deep expertise in Wiz platform - Strong experience with CSPM, CWPP, CI/CD security - Strong automation and scripting background - Experience in Global 100 or Fortune 50 environments - Wiz Architect/Practitioner certifications - AWS/Azure/GCP security certifications - Banking or financial services experience. - Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.) - Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.) - Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM)), or related security certification(s) The annual base salary for this position is $100,000-$126,000. Additional incentive pay is available for this position. General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truists generous benefit plans, please visit . Depending on the position and division, this job may also be eligible for Truists defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.