Overview

Director of Cloud Security Jobs in United States at Omilia

Title: Director of Cloud Security

Company: Omilia

Location: United States

Omilia operates a proprietary, end-to-end conversational AI cloud platform serving enterprise contact centres in regulated industries including banking, utilities, and telecoms. The platform is cloud-native on AWS, Kubernetes-orchestrated, multi-tenant and single-tenant, and holds government-grade certifications including FedRAMP, ISO 27001, SOC 2 Type II, PCI-DSS Level 1, HIPAA, and GDPR.

The Director of Cloud Security will own the security posture of this platform end-to-end: from infrastructure hardening and threat modelling through to audit evidence production and customer-facing security assurance.

Key Responsibilities

Cloud Security Ownership

  • Define and execute Omilia's cloud security strategy across all deployment models: multi-tenant SaaS, exclusive tenant, private cloud, and hybrid.
  • Own the AWS security architecture including IAM, VPC design, GuardDuty, Security Hub, CloudTrail, KMS key management, and secrets management.
  • Lead infrastructure hardening programmes using golden image pipelines, CIS Benchmarks, and automated compliance scanning.
  • Ensure network segmentation, tenant data isolation, and zero-trust principles are implemented and maintained across all environments.

Compliance & Certification Leadership

  • Own the annual renewal and continuous readiness of FedRAMP, SOC 2 Type II, ISO 27001, PCI-DSS Level 1, HIPAA, and GDPR across the cloud platform.
  • Drive the EU AI Act compliance programme as it applies to high-risk AI system classifications relevant to Omilia's deployments in regulated sectors.
  • Produce and maintain the security control evidence pack used in enterprise customer due diligence, RFP responses, and regulatory audits.
  • Act as primary technical liaison with external auditors, QSAs, and penetration testing firms

AI & Data Security

  • Define data security controls for voice data processing pipelines, including real-time PCI redaction, voice biometric data storage, and training data anonymisation.
  • Assess security implications of LLM and generative AI integrations (Pathfinder, miniApps, RAG pipelines) and establish guardrails for model input/output security.
  • Own the subprocessor security assessment programme and ensure DPA/Security Exhibit obligations are met across the third-party supply chain.

Security Engineering & Operations

  • Lead vulnerability management: SAST/DAST integration in CI/CD, container image scanning, CVE triage, patch SLAs.
  • Own incident response for cloud-tier events: detection, containment, eradication, recovery, and post-incident review.
  • Define and operate security monitoring and SIEM coverage for the OCP platform, ensuring audit logs are immutable, queryable, and exportable.
  • Collaborate with engineering on secure SDLC practices, threat modelling for new features, and security review gates in the release process.

Stakeholder Engagement

  • Support Sales and Customer Success in enterprise security questionnaires, customer security reviews, and contract security exhibit negotiations.
  • Represent cloud security posture to the CISO, CTO, and executive team; translate technical risk into business impact language.
  • Engage with CCaaS platform partners (NICE, Five9, Genesys, RingCentral) on integration security requirements and shared responsibility boundaries.

Requirements

  • 8+ years in information/cloud security, with at least 4 years in a senior individual contributor or leadership role.
  • Deep hands-on AWS security expertise: well-versed in AWS security services, architecture patterns, and shared responsibility model.
  • Demonstrated experience leading or co-leading at least one FedRAMP authorisation (ATO process) or equivalent high-assurance compliance programme.
  • Strong working knowledge of PCI-DSS, SOC 2, ISO 27001, HIPAA, and GDPR as they apply to SaaS/cloud service providers — not just as customer obligations.
  • Experience with Kubernetes security (pod security policies/admission controllers, network policies, secrets management, runtime security).
  • Proven ability to produce board-quality security reporting and present to enterprise customers and auditors
  • Professional certification: CISSP, CCSP, AWS Security Specialty, or equivalent. CISA is a plus

Preferred / Differentiating Experience

  • Prior experience in a conversational AI, CCaaS, or voice/telephony platform company
  • Familiarity with EU AI Act requirements, NIST AI RMF, or AI-specific security governance frameworks
  • Experience securing LLM inference pipelines, RAG architectures, or real-time audio processing workloads
  • Background working with BPO/enterprise contact centre customers with high compliance scrutiny (banking, government, utilities).
  • Exposure to FedRAMP High or IL4/IL5 environments

Benefits

  • Fixed compensation;
  • Long-term employment with the working days vacation;
  • Development in professional growth (courses, training, etc);
  • Being part of successful cutting-edge technology products that are making a global impact in the service industry;
  • Proficient and fun-to-work-with colleagues;
  • Apple gear

Apply Now to join Omilia and help engineer the future of conversational AI.

Omilia is proud to be an equal opportunity employer and is dedicated to fostering a diverse and inclusive workplace. We believe that embracing diversity in all its forms enriches our workplace and drives our collective success. We are committed to creating an environment where everyone feels welcomed, valued, and empowered to contribute their unique perspectives. Without regard to factors such as race, color, religion, gender, gender identity or expression, sexual orientation, national origin, heredity, disability, age, or veteran status, all eligible candidates will be given consideration for employment.
