Senior Director of Cloud Security Architecture

Job Description

As the Senior Director of Cloud Security Architecture, you will be responsible for overseeing the design, implementation, and maintenance of robust security measures to protect our cloud infrastructure and applications. You will be a leader on a team of cloud security architects and engineers, collaborate with cross-functional teams, and ensure that security is integrated into all aspects of the development lifecycle. Your deep technical expertise and strategic vision will help us stay ahead of emerging threats and continuously improve our security posture.

Key Responsibilities

• Develop and deploy advanced security capabilities to secure code and production infrastructure throughout the CI/CD pipeline and across non-production and production environments.
• Identify and mitigate high-risk vulnerabilities in the production environment.
• Utilize static and dynamic code analysis to assess the security of application and infrastructure code.
• Implement and operationalize the AWS Security Pillar of the AWS Well-Architected Framework and the GCP Google Cloud Architecture Framework.
• Define, build, and maintain comprehensive Cloud Security Policies, Standards, and Procedures that meet or exceed regulatory requirements.
• Evaluate, implement, and operationalize CSPM, CWPP, and CNAPP solutions across multi-cloud environments.
• Design and implement a Multi-Cloud Security Strategy, focusing on AWS and GCP.
• Introduce and manage commercial and vetted open-source solutions to secure and continuously monitor cloud infrastructure, services, and workloads.
• Support application delivery and DevOps teams in detecting and resolving security vulnerabilities.
• Leverage Terraform to automate the configuration and maintenance of cloud-native and third-party security solutions.
• Implement strong identity foundations through least privilege policies and enable traceability/observability.
• Apply security measures at all layers, from PoP to endpoint, and automate security best practices for scalability and cost-effectiveness.
• Protect data at rest and in transit with appropriate classifications and minimize direct access or manual processing of data.
• Prepare for security events and build capabilities for SOC to detect, contain, eradicate, and recover from incidents.
• Automate security acceptance testing using Python or Go.
• Harden server operating systems and containers.
• Review and analyze security event logs to support incident response efforts.
• Author and communicate blameless postmortems.
• Lead and mentor a team of cloud security architects and engineers, providing guidance and support for their professional development.
• Collaborate with cross-functional teams to ensure security is integrated into all aspects of the development lifecycle.
• Stay up-to-date with the latest security trends, threats, and technology solutions to continuously improve the organization's security posture.
  
  

Required Qualifications & Skills

• 5+ years of experience securing and monitoring CI/CD pipelines and cloud infrastructure.
• 10+ years of cloud experience in the IT field.
• 12+ years of Information Technology or Information Security experience.
• Proficiency in writing Lambda functions in Python or Go.
• Strong command and understanding of AWS and GCP Security Reference Architecture (SRA).
• In-depth knowledge of AWS cloud internetworking concepts.
• Experience leveraging AWS security and compliance services such as IAM, AWS WAF, and more.
• Expertise in securing Kubernetes, containers, and microservices.
• Experience using Terraform to deploy security-oriented infrastructure and configure security services.
• Proven leadership skills with the ability to manage and mentor a team.
• Excellent communication and collaboration skills to work effectively with stakeholders at all levels.
• Strong problem-solving skills and the ability to think critically and strategically.
  
  

Preferred Qualifications

• Experience with commercial cloud-native application protection platforms such as Prisma Cloud.
• Working knowledge of GitLab.
• Desirable Certifications: AWS SysOps Administrator, AWS Certified Solutions Architect, AWS Certified Security Specialty, equivalent GCP, OSCP, GWEB, and GCSA.
  
  

About Us

At Caesars Entertainment, Inc., our Team Members create the extraordinary. We are the largest casino-entertainment company in the U.S. and one of the world's most diversified casino-entertainment providers. Since beginning in Reno, Nevada, in 1937, Caesars Entertainment has grown through the development of new resorts, expansions and acquisitions. Our resorts operate primarily under the Caesars®, Harrah's®, Horseshoe® and Eldorado® brand names. We focus on building loyalty and value with our guests through a combination of impeccable service, operational excellence and technological leadership. The company is committed to its Team Members, suppliers, communities and the environment through its PEOPLE PLANET PLAY framework.

Our Caesars family is driven by our Mission, Vision and Values. We take great pride in living these values – Together We Win, All In On Service and Blaze the Trail – every day. Our mission, “Create the Extraordinary”. Our vision, “Create spectacular worlds. That immerse, inspire and connect you. We don’t perform magic; we create it with excellence. #WeAreCaesars”. If you are ready to create some magic, we invite you to explore our dynamic, yet unique, career opportunities.