More jobs:
Cloud Security Principal Engineer
Job in
Durham, Durham County, North Carolina, 27703, USA
Listed on 2026-03-10
Listing for:
Ally Financial Inc.
Full Time, Part Time, Per diem
position Listed on 2026-03-10
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer
Job Description & How to Apply Below
Work Schedule:
Ally designates roles as (1) fully on-site, (2) hybrid, or (3) fully remote. Hybrid roles are generally expected to be in the office a certain number of days per week as indicated by your manager. Your hiring manager will discuss this role's specific work requirements with you during the hiring process. All work requirements are subject to change at any time based on leader discretion and/or business need.###
The Opportunity The Cloud Security Principal Engineer position at Ally is a member of the Information Protection and Risk Management team and works closely with other members of the IPRM program to identify, manage, and mitigate security risks engineer is part of a broader team of security engineers reporting to the Sr. Director, Cloud Security who are responsible for developing, deploying, and integrating technical controls and tools to meet specific security requirements, as well as defining processes and standards to ensure that security configurations and tools are maintained.
This is a project focused resource within the organization and will focus on designing and implementing both technologies and governance processes focused on our SaaS platforms. This resource will have potential opportunity to transition into a longer-term engagement to continue to mature and improve the SaaS security service.
* Primary responsibility will be to support our existing cloud security infrastructure and security projects with potential to take on responsibilities for other technologies such as Dev Ops toolchain, Cloud automation, SaaS posture management, AI and other technologies.
* Define and mature cloud-focused security policies and controls (governance, processes, frameworks, metrics)
* Managing the day to day troubleshooting of the enterprise CSPM platform and other security controls. This includes:+ Configuration tuning, troubleshooting, as well as defining and executing escalation criteria.+ Work with Security teams to tune control systems to best meet the need of the business.+ Ability to identify security risks and work with IPRM team to report and lead the remediation efforts.
* Perform architecture and engineering responsibilities in support of existing technologies and new security projects.
* Perform daily, weekly and monthly health checks, user activity audits and must have good knowledge in determining baseline offsets.
* Identify, Implement, and Operationalize security technologies and processes to improve visibility and reduce risk
* Partner with other technical leaders throughout the organization to refine and mature Ally’s security posture for cloud-based technologies and platforms, as well as identifying and maturing our application security capabilities
* Consult with project teams to ensure that platform architecture has proper security controls in place (focused on Cloud Providers / SaaS engagements)
* Cloud Platform Security and Dev Sec Ops / Pipeline Security### The Skills You Bring
** Minimum Qualifications*
* * 7+ years of relevant experience
* Bachelor’s Degree in relevant field(s) of study or equivalent
** Preferred Qualifications*
* * Demonstrated technical expertise in two or more technology areas (compute, storage, network, data, etc)
* Experience as a software developer with knowledge of automation, Infrastructure as Code and Dev Ops + CI/CD tools and processes
* Strong programming skills in Python, Terraform, and experience in frameworks like Tensor Flow, PyTorch.
* 5+ years of experience in information security practices, controls, and governance (CISSP preferred)
* 5+ years of experience as a technical resource within an IT organization (enterprise / matrixed organization preferred)
* 4+ years of experience with cloud platforms (operational experience preferred for AWS, Azure, GCP, etc)
* Demonstrate technical expertise/working knowledge of OWASP Top 10 LLM and AI Security.
* Builds partnerships, translates complexities into simple terms, ability to maintain focus on objectives
* Process/procedures, standards/policies, architectures, etc)#LI-Hybrid Incentive Compensation:
This position is eligible to participate in our annual incentive plan.
Ally's compensation program offers market-competitive base pay and pay-for-performance incentives (bonuses) based on achieving personal and company goals. Our Total Rewards program includes industry-leading compensation and benefits plus additional incentives that are designed to meet your needs and those of your family so you can get the most out of your career and your life, including:
* ** Time Away:
** Program starts at 20 paid time off days in addition to 11 paid holidays and 8 hours of volunteer time off yearly (time off days are prorated based on start date and program varies based on full or part-time status and management level).
* ** Planning for the Future:
** plan for the near and long term with an industry-leading 401K retirement savings plan with matching and company…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×