Manager, Cloud Security

We are seeking a highly skilled and visionary Cloud Security Manager to lead the strategic and operational security efforts across our Azure and hybrid cloud environments. Reporting directly to the Director of Cybersecurity, this critical role will safeguard mission-critical applications and systems, enable secure digital transformation, and drive business innovation while maintaining a robust security posture. The Cloud Security Manager will be responsible for managing and mentoring a team of cybersecurity professionals, ensuring alignment with organizational objectives and fostering a culture of security excellence in a dynamic, cloud-first enterprise.

The ideal candidate brings deep expertise in Microsoft Azure security frameworks, hands-on experience with Microsoft Sentinel, Azure Arc, and data center modernization, and a proven track record of leading cross-functional security and infrastructure teams. This role will spearhead the design, implementation, and governance of secure cloud-first and hybrid environments, ensuring agility, resilience, and compliance with global regulations.

Essential Duties and Responsibilities

Strategic Leadership & Security Architecture

• Define and drive a comprehensive cloud and hybrid security strategy aligned with enterprise risk management, regulatory compliance, and business objectives.
• Lead the design, implementation, and management of secure Azure and hybrid architectures, including governance of Azure Arc-enabled infrastructure and modernized datacenter environments.
• Provide thought leadership on secure migration paths, cloud security architecture patterns, and secure-by-design principles to support scalable and resilient operations.
• Collaborate with senior leadership to align security initiatives with strategic business goals and emerging technology trends.

Team Leadership & People Management

• Lead, mentor, and manage a team of IT, cloud, and cybersecurity professionals, fostering a collaborative, high-performing, and security-first culture.
• Set clear team and individual goals, establishing measurable Key Performance Indicators (KPIs) such as incident response time, compliance audit pass rates, vulnerability remediation timelines, and successful deployment of security controls.
• Develop and track performance metrics to ensure team objectives align with organizational security priorities, including reducing cloud security risks and improving threat detection accuracy.
• Conduct regular performance evaluations, provide constructive feedback, and create professional development plans to support team members' growth and career progression.
• Oversee recruitment, onboarding, and training of new team members, ensuring alignment with security standards and organizational culture.
• Delegate responsibilities effectively, optimizing workload distribution and leveraging team members' expertise to achieve security outcomes.

Cloud & Hybrid Security Oversight

• Manage security policies, identity and access management (IAM), conditional access, data protection, and encryption across Azure workloads and on-premises integrations.
• Oversee configuration and management of Microsoft Sentinel and Splunk, including analytics rules, incident automation, and advanced threat hunting capabilities.
• Ensure implementation and enforcement of zero trust architecture, network segmentation, and workload security controls across hybrid platforms.
• Monitor and optimize security configurations for Azure services, including Azure AD, Microsoft Defender for Cloud, Key Vault, Policy, Security Center, and Azure Firewall.

Governance, Risk & Compliance

• Develop and maintain cloud and hybrid cloud security policies, standards, and procedures in line with ISO 27001, NIST , and other relevant frameworks.
• Ensure ongoing compliance with global regulations, including GDPR, PCI-DSS, and aviation-specific standards (e.g., FAA, IATA).
• Conduct regular risk assessments and audits, reporting on cloud security posture, risks, and control effectiveness to executive stakeholders and audit committees.
• Implement governance frameworks to ensure secure configuration and compliance across Azure Arc-enabled infrastructure and hybrid environments.

Emerging Technologies & Continuous Improvement

• Continuously evaluate emerging security technologies, trends, and tools to enhance detection, response, and prevention capabilities in cloud and hybrid environments.
• Lead security assessments, penetration testing, and red/blue team exercises to identify and mitigate vulnerabilities across hybrid platforms.
• Drive automation and orchestration of security operations using Microsoft Sentinel, Azure Logic Apps, PowerShell, and third-party integrations to improve efficiency and response times.
• Champion continuous improvement by implementing lessons learned from incidents and assessments to strengthen the security program.

Minimum Education and/or Experience

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field from an accredited institution, or an equivalent combination of education and experience (e.g., four years of relevant technical training and professional experience). 
• 8+ years of progressive experience in cloud and cybersecurity roles, with at least 3 years in a leadership or managerial position overseeing teams and complex security programs.
• Extensive expertise in Microsoft Azure security services, including Azure AD, Microsoft Defender for Cloud, Key Vault, Policy, Security Center, and Azure Firewall.
• Strong understanding of hybrid cloud environments, with hands-on experience in Azure Arc and on-premises-to-cloud transformation.
• Proven experience deploying and managing Microsoft Sentinel, including playbooks, threat intelligence integration, and SIEM tuning.
• Solid knowledge of modern datacenter architectures, virtualization, and cloud infrastructure management tools.
• Demonstrated leadership in incident response, threat management, vulnerability remediation, and security risk analysis.

Additional knowledge and skills:

• Professional certifications such as Microsoft Certified: Azure Security Engineer Associate, Azure Solutions Architect Expert, CISSP, CCSP, or GIAC Cloud Security Automation (GCSA).
• Experience in the aviation, transportation, or critical infrastructure sectors.
• Proficiency in managing Splunk for security monitoring and analytics in hybrid environments.
• Demonstrated expertise in third-party risk management and vendor security assessments.
• Familiarity with advanced automation and orchestration tools, such as Azure Logic Apps or SOAR platforms, for security operations.
• Exceptional communication, leadership, and project management skills, with a proven ability to mentor teams and influence stakeholders at all levels.
• Proven ability to build and lead high-performing, cross-functional security teams in a fast-paced environment.
• Ability to thrive in a fast-paced, global environment with a strong commitment to operational excellence and team success.
• Proven track record of leading complex, enterprise-wide security initiatives and managing diverse teams.
• Strong analytical and problem-solving skills, with a proactive approach to identifying and mitigating cloud security risks.
• Availability to respond to security incidents outside of regular business hours as needed.