Enterprise Cybersecurity Leader

Job Title: Enterprise Cybersecurity Leader

This role involves leading critical enterprise security projects, developing and implementing comprehensive security standards, ensuring secure architecture, evaluating and deployed new security solutions, and managing cross-functional cybersecurity initiatives.

• Cybersecurity Strategy & Solutioning:

• Develop and lead the strategy for modernizing the company's security stack, ensuring architecture stays current with evolving technologies and threats.

• Oversee/Manage:

• • Spearhead strategic cybersecurity projects across Network Security, Endpoint Security, Cloud Security, and Identity Security, leveraging advanced technologies like SentinelOne, Tenable, Zscaler, SailPoint, and Orca.
  • Drive security solutioning, engineering, and project implementations to mitigate risk and enhance security resilience.
  • Define and maintain security standards, handling exceptions across various technology types and ensuring consistent risk mitigation.
  • Conduct Proofs of Concept (POCs) to evaluate and implement emerging security solutions.
  • Security Architecture & Engineering:
  • • Oversee cybersecurity engineering and architecture to deliver secure, scalable, and resilient solutions across the enterprise and all business functions.
    • Architect and document robust security solutions for critical corporate infrastructure, cloud environments, and customer-facing platforms.
    • Oversee the deployment and configuration of security solutions including but not limited to next-generation firewalls, EDR/XDR, disk encryption, data security posture management & DLP solutions, and advanced cloud security management solutions (AWS, GCP, Azure, OCI).
    • Maintain a comprehensive Security Architecture Review program for new and existing technologies, ensuring alignment with industry best practices and regulatory standards.
    • Vulnerability & Exposure Management:
    • • Direct/Oversee the Vulnerability Assessment and Penetration Testing (VAPT) program, ensuring that the program continuously assesses and mitigates security vulnerabilities and exposures across the organization's technology estate.
      • Lead a comprehensive Security Vulnerability Management Program, overseeing Tenable project deployments, and operational processes for managing vulnerabilities in workstations, servers, and applications.
      • Execute security assessments for 400+ applications, ensuring secure SDLC practices across the development lifecycle.
      • Manage network security, cloud security, and external attack surface vulnerability assessments using tools like Orca, Cycognito, BitSight and others.
      • Conduct internal and external penetration tests, simulating attacks to proactively identify and address security gaps.
      • Identity Governance & Administration:
      • • Direct the Identity & Access Management program, enforcing policies, controls and governance that protects access to critical systems and data.
        • Oversee the deployment and management of the SailPoint Identity Governance solution, ensuring access is governed based on roles, levels, and lines of business.
        • Drive MFA implementation across the organization, along with secure Active Directory configuration and Privileged Access Management (PAM) for high-value admin accounts.
        • Team & Talent Management:
        • • Build, lead, and develop high-performing cybersecurity engineering and architecture teams, fostering a culture of excellence and innovation.
          • Act as a mentor and advocate for team members' growth, focusing on upskilling talent to address evolving security challenges.
          • Cross-Functional Collaboration:
          • • Partner with technology, business and compliance teams to ensure cybersecurity solutions support strategic objectives and regulatory requirements.
            • Lead regular security reviews, providing updates to executive leadership and advocating for necessary investments in cybersecurity resources and technologies.
            • Qualifications and Skills:
            • • Education:
              • • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. An advanced degree (Master's or MBA) is preferred.
              • Certifications:
              • • CISSP, CISM, CISA, CRISC, or equivalent; advanced certifications in security engineering or architecture (e.g., GIAC Security Expert (GSE), Certified Information Systems Security Architect (CISSA)) are a plus.
              • Experience:
              • • 18+ years of experience in cybersecurity, with a focus on security engineering, architecture, vulnerability management, and identity security in a large, complex global organization.
                • Proven experience in designing, implementing, and managing security solutions for critical enterprise infrastructure, including cloud environments, network security, and endpoint protection.
                • Experience in IT/ITES/BPO environments (preferred) or in highly regulated environments with a thorough understanding of compliance frameworks, including GDPR, HIPAA, PCI-DSS, NIST, and ISO/IEC 27001.
                • Technical Skills:
                • • Hands-on expertise in security engineering and solutioning, including endpoint security (e.g., SentinelOne, CrowdStrike, Carbon Black, Trellix DLP), network security (e.g., Zscaler, PANW, Checkpoint, next-generation firewalls), and cloud security (e.g., Orca, Wiz, Azure, GCP, AWS).
                  • In-depth knowledge of security architecture, secure SDLC practices, vulnerability management (e.g., Tenable, Rapid7, Qualys), and IAM solutions (e.g., SailPoint, Saviynt, Okta, Delinea).
                  • Strong understanding of advanced cybersecurity threats, attack vectors, and mitigation strategies across complex multi-cloud and hybrid environments.
                  • Leadership and Communication:
                  • • Exceptional leadership, team development, and decision-making skills with a proven ability to lead high-performing cybersecurity engineering teams and foster cross-functional collaboration.
                    • Excellent communication skills, with the ability to effectively convey technical security concepts to non-technical audiences, including senior leadership, clients, and regulatory authorities.