Senior Cybersecurity Leader

Job Description:

This senior technical leadership position plays a key role in shaping the cybersecurity architecture and engineering strategies of an organization to maintain its leading edge posture.

The successful candidate will oversee multiple security functions, including Cybersecurity Engineering, Architecture, Exposure/Vulnerability Management, and Identity Security, focused on delivering secure solutions, projects, and programs that drive enterprise cyber resilience and support business growth.

• Develop and lead the strategy for modernizing the company's security stack, ensuring architecture stays current with evolving technologies and threats. Oversee/Manage -
  • Spearhead strategic cybersecurity projects across Network Security, Endpoint Security, Cloud Security, and Identity Security, leveraging advanced technologies like SentinelOne, Tenable, Zscaler, SailPoint, and Orca.
  • Drive security solutioning, engineering, and project implementations to mitigate risk and enhance security resilience.
  • Define and maintain security standards, handling exceptions across various technology types and ensuring consistent risk mitigation.
  • Conduct Proofs of Concept (POCs) to evaluate and implement emerging security solutions.
• Oversee cybersecurity engineering and architecture to deliver secure, scalable, and resilient solutions across the enterprise and all business functions.
  • Architect and document robust security solutions for critical corporate infrastructure, cloud environments, and customer-facing platforms.
  • Oversee the deployment and configuration of security solutions including but not limited to next-generation firewalls, EDR/XDR, disk encryption, data security posture management & DLP solutions, and advanced cloud security management solutions (AWS, GCP, Azure, OCI).
  • Maintain a comprehensive Security Architecture Review program for new and existing technologies, ensuring alignment with industry best practices and regulatory standards.

Vulnerability and Exposure Management:

• Direct/Oversee the Vulnerability Assessment and Penetration Testing (VAPT) program, ensuring that the program continuously assesses and mitigates security vulnerabilities and exposures across the organization's technology estate.
• Lead a comprehensive Security Vulnerability Management Program, overseeing Tenable project deployments, and operational processes for managing vulnerabilities in workstations, servers, and applications.
• Execute security assessments for 400+ applications, ensuring secure SDLC practices across the development lifecycle.
• Manage network security, cloud security, and external attack surface vulnerability assessments using tools like Orca, Cycognito, BitSight and others.
• Conduct internal and external penetration tests, simulating attacks to proactively identify and address security gaps.

Identity Governance and Administration:

• Direct the Identity & Access Management program, enforcing policies, controls, and governance that protects access to critical systems and data.
• Oversee the deployment and management of the SailPoint Identity Governance solution, ensuring access is governed based on roles, levels, and lines of business.
• Drive MFA implementation across the organization, along with secure Active Directory configuration and Privileged Access Management (PAM) for high-value admin accounts.

Team and Talent Management:

• Build, lead, and develop high-performing cybersecurity engineering and architecture teams, fostering a culture of excellence and innovation.
• Act as a mentor and advocate for team members' growth, focusing on upskilling talent to address evolving security challenges.

Cross-Functional Collaboration:

• Lead cross-functional collaboration with IT, Risk, Compliance, and other stakeholders to embed cybersecurity best practices across the organization and achieve unified risk management goals.
• Partner with technology, business, and compliance teams to ensure cybersecurity solutions support strategic objectives and regulatory requirements.
• Lead regular security reviews, providing updates to executive leadership and advocating for necessary investments in cybersecurity resources and technologies.

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. An advanced degree (Master's or MBA) is preferred.
• Certifications: CISSP, CISM, CISA, CRISC, or equivalent; advanced certifications in security engineering or architecture (e.g., GIAC Security Expert (GSE), Certified Information Systems Security Architect (CISSA)) are a plus.

• 18+ years of experience in cybersecurity, with a focus on security engineering, architecture, vulnerability management, and identity security in a large, complex global organization.
• Proven experience in designing, implementing, and managing security solutions for critical enterprise infrastructure, including cloud environments, network security, and endpoint protection.
• Experience in IT/ITES/BPO environments (preferred) or in highly regulated environments with a thorough understanding of compliance frameworks, including GDPR, HIPAA, PCI-DSS, NIST, and ISO/IEC 27001.

• Hands-on expertise in security engineering and solutioning, including endpoint security (e.g., SentinelOne, CrowdStrike, Carbon Black, Trellix DLP), network security (e.g., Zscaler, PANW, Checkpoint, next-generation firewalls), and cloud security (e.g., Orca, Wiz, Azure, GCP, AWS).
• In-depth knowledge of security architecture, secure SDLC practices, vulnerability management (e.g., Tenable, Rapid7, Qualys), and IAM solutions (e.g., SailPoint, Saviynt, Okta, Delinea).
• Strong understanding of advanced cybersecurity threats, attack vectors, and mitigation strategies across complex multi-cloud and hybrid environments.
• Leadership and Communication:
• Exceptional leadership, team development, and decision-making skills with a proven ability to lead high-performing cybersecurity engineering teams and foster cross-functional collaboration.
• Excellent communication skills, with the ability to effectively convey technical security concepts to non-technical audiences, including senior leadership, clients, and regulatory authorities.