Cloud Security Engineer

About The Company BMO Financial Group is a leading North American financial services provider committed to delivering innovative banking solutions and exceptional customer service. With a rich history spanning over two centuries, BMO has established a strong presence across Canada and the United States, offering a comprehensive range of personal, commercial, and corporate banking services. The company prides itself on fostering a culture of integrity, inclusivity, and continuous improvement, leveraging cutting-edge technology to meet the evolving needs of its clients. As a forward-thinking organization, BMO emphasizes digital transformation and cybersecurity excellence to safeguard client assets and data in an increasingly complex digital landscape. About The Role We are seeking an enthusiastic and passionate professional for a Senior Cloud, AI & Data Security Engineer role who wants to design and implement security solutions for systems and services across AWS, Azure, and AI/ML platforms. This position offers an exciting opportunity to lead the development of security architectures that meet and exceed industry standards, ensuring robust protection for cloud environments, AI/ML systems, and sensitive data assets. The successful candidate will establish high security standards, provide assurance to management and auditors, and embed security controls into operational and DevOps practices with a focus on automation and continuous improvement. You will be a key member of BMO’s Cloud, AI, and Data Security team, driving strategic initiatives to safeguard organizational assets. Your expertise will influence the development of security policies, risk management strategies, and operational procedures, fostering a security-first culture across technology teams. This role requires a leader with a strong technical background, capable of inspiring teams, injecting innovative security solutions, and navigating the rapidly evolving AI threat landscape. Qualifications A university degree in Engineering, Computer Science, Information Technology, or a related field. 7-10 years of experience in developing and implementing security architectures and engineering across cloud, data, and AI security domains. Professional security certifications such as CISSP, CCSP, CCSK, or Cloud Security Specialty certifications (e.g., AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer Associate). Emerging knowledge or certifications in AI security (e.g., CDAI, CompTIA AI+), data security (e.g., CDPSE, CIPP), or related fields. Deep understanding of cloud architecture, cloud operations, identity and access management, and security automation tools. Experience with AI/ML frameworks and platforms such as TensorFlow, PyTorch, SageMaker, and Azure ML, including their associated security risks. Knowledge of data security practices, including data loss prevention, encryption, data classification, and privacy regulations like GDPR, CCPA, and PIPEDA. Strong scripting and programming skills in Python, PowerShell, Bash, Node.js, and experience with Infrastructure as Code (IaC) security tools. Excellent interpersonal skills with the ability to communicate complex security concepts effectively across diverse teams and stakeholders. Responsibilities Cloud Security Assess, design, implement, automate, and document security solutions, controls, and processes for AWS and Azure cloud platforms. Develop and maintain security patterns for cloud services, ensuring adherence to best practices and compliance standards. Design and implement security baseline controls for cloud services, integrating them into CI/CD pipelines. Build and deliver policies as code, automating security controls and best practices across cloud environments. Review and approve code changes with security implications, including IAM roles, security groups, and access policies. Serve as the cloud security subject matter expert, providing guidance for IaaS, PaaS, and SaaS implementations. AI & Machine Learning Security Define and implement a comprehensive security framework for AI/ML systems, covering data ingestion, training, deployment, and monitoring phases. Assess and mitigate AI-specific threats such as adversarial attacks, model inversion, data poisoning, prompt injection, and model theft. Evaluate and secure AI/ML platforms and tools, including Amazon SageMaker, Azure Machine Learning, and OpenAI APIs. Collaborate with data science and AI engineering teams to embed security controls into MLOps pipelines, ensuring model integrity and auditability. Monitor emerging AI threat landscapes and regulatory developments, translating them into organizational security controls. Data Security Implement and manage data security posture management tools to monitor sensitive data exposure across cloud environments. Establish controls for structured and unstructured data stores such as data lakes, warehouses, and file sharing platforms. Promote data-centric security practices within application development and analytics teams. General Security Leadership Provide expertise on architecture, authentication, and systems security based on a thorough understanding of the engineering stack and data flow. Lead cybersecurity risk assessments for new and existing technologies, including AI/ML systems and data platforms. Offer pragmatic cybersecurity guidance during major technology projects to enable secure innovation. Assist in investigating and remediating security incidents, including AI model compromises and data breaches. Collaborate closely with security, product, and development teams to assess risks and implement effective controls. Your Mindset Self-starter with the ability to manage multiple projects and priorities efficiently.