Drive cloud security strategy, roadmap development, and execution across Lennar's cloud environments
Lead technical planning, design decisions, and implementation of enterprise-grade cloud security controls
Serve as the technical authority for cloud security architecture and best practices
Design and implement security controls that enable safe adoption of AI services and AI-assisted workflows
Establish comprehensive guardrails for AI usage covering data protection, access control, logging/monitoring, and approved service standards
Assess and mitigate emerging AI risks including prompt injection, data leakage, model exposure, insecure plugins/connectors, and supply chain vulnerabilities in AI pipelines
Collaborate with Legal, Privacy, and GRC teams to support AI governance requirements and maintain control evidence
Build and manage security solutions across IaaS, PaaS, and SaaS environments
Ensure consistent deployment, configuration, and monitoring of security tooling across all cloud environments
Partner with DevOps and engineering teams to embed security into CI/CD pipelines and cloud-native platforms
Implement and support DevSecOps tooling and practices including SAST/DAST
Align cloud security controls with legal, regulatory, and compliance requirements
Develop and enforce cloud security standards, policies, and best practices
Support internal and external audit requests and lead remediation efforts
Participate in security incident response activities, including investigation and post-incident analysis
Provide guidance to enhance detection, logging, and response capabilities for cloud environments
Mentor junior engineers and provide technical guidance across security engineering and operations teams
Requirements
Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related field required; Master's degree preferred
5+ years of cloud security engineering experience in mid-to-large enterprise environments (1,000+ employees)
5+ years securing public cloud platforms (AWS and/or Azure; Oracle Cloud Infrastructure a plus)
3+ years implementing DevSecOps practices and SDLC security, including SAST/DAST and vulnerability remediation
Demonstrated experience securing major SaaS platforms (Microsoft 365, Salesforce, Box) using CASB/CSPM or similar technologies
One or more of the following certifications: CISSP, CCSP, CCSK, Azure Security Engineer Associate, AWS Certified Security
Specialty
Tech Stack
AWS
Azure
Cloud
Cyber Security
Oracle
SDLC
Benefits
Health insurance, including Medical, Dental, and Vision coverage
401(k) Retirement Plan with a $1 for $1 Company Match up to 5%
Paid Parental Leave
Associate Assistance Plan
Education Assistance Program
Up to $30,000 in Adoption Assistance
Up to three weeks of vacation annually
Generous Holiday, Sick Leave, and Personal Day policies