Security Leader

Job Title:

Overview:

The Senior Enterprise Security Strategist is a senior technical leader responsible for shaping the company's cybersecurity architecture and engineering strategies to keep its cybersecurity posture at the leading edge. This role will oversee the Cybersecurity Engineering, Architecture, Exposure/Vulnerability Management, and Identity Security functions, focused on delivering security solutions, projects and relevant programs that drive enterprise cyber resilience and secure business growth.

This position involves leading critical enterprise security projects, developing and implementing comprehensive security standards, ensuring secure architecture, evaluating and deployed new security solutions, and managing cross-functional cybersecurity initiatives.

Key Responsibilities:

• Develop and lead the strategy for modernizing the company's security stack, ensuring architecture stays current with evolving technologies and threats. Oversee/Manage -

• Spearhead strategic cybersecurity projects across Network Security, Endpoint Security, Cloud Security, and Identity Security, leveraging advanced technologies like SentinelOne, Tenable, Zscaler, SailPoint, and Orca.

• Drive security solutioning, engineering, and project implementations to mitigate risk and enhance security resilience.

• Define and maintain security standards, handling exceptions across various technology types and ensuring consistent risk mitigation.

• Conduct Proofs of Concept (POCs) to evaluate and implement emerging security solutions.

Security Architecture & Engineering:

• Oversee cybersecurity engineering and architecture to deliver secure, scalable, and resilient solutions across the enterprise and all business functions.

• Architect and document robust security solutions for critical corporate infrastructure, cloud environments, and customer-facing platforms.

• Oversee the deployment and configuration of security solutions including but not limited to next-generation firewalls, EDR/XDR, disk encryption, data security posture management & DLP solutions, and advanced cloud security management solutions (AWS, GCP, Azure, OCI).

• Maintain a comprehensive Security Architecture Review program for new and existing technologies, ensuring alignment with industry best practices and regulatory standards.

Vulnerability & Exposure Management:

• Direct/Oversee the Vulnerability Assessment and Penetration Testing (VAPT) program, ensuring that the program continuously assesses and mitigates security vulnerabilities and exposures across the organization's technology estate.

• Lead a comprehensive Security Vulnerability Management Program, overseeing Tenable project deployments, and operational processes for managing vulnerabilities in workstations, servers, and applications.

• Execute security assessments for 400+ applications, ensuring secure SDLC practices across the development lifecycle.

• Manage network security, cloud security, and external attack surface vulnerability assessments using tools like Orca, Cycognito, BitSight and others.

• Conduct internal and external penetration tests, simulating attacks to proactively identify and address security gaps.

Identity Governance & Administration:

• Direct the Identity & Access Management program, enforcing policies, controls and governance that protects access to critical systems and data.

• Oversee the deployment and management of the SailPoint Identity Governance solution, ensuring access is governed based on roles, levels, and lines of business.

• Drive MFA implementation across the organization, along with secure Active Directory configuration and Privileged Access Management (PAM) for high-value admin accounts.

Team & Talent Management:

• Build, lead, and develop high-performing cybersecurity engineering and architecture teams, fostering a culture of excellence and innovation.

• Act as a mentor and advocate for team members' growth, focusing on upskilling talent to address evolving security challenges.

Cross-Functional Collaboration: Lead cross-functional collaboration with IT, Risk, Compliance, and other stakeholders to embed cybersecurity best practices across the organization and achieve unified risk management goals.

• Partner with technology, business and compliance teams to ensure cybersecurity solutions support strategic objectives and regulatory requirements.

• Lead regular security reviews, providing updates to executive leadership and advocating for necessary investments in cybersecurity resources and technologies.

Qualifications and Skills:

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. An advanced degree (Master's or MBA) is preferred.

• Certifications: CISSP, CISM, CISA, CRISC, or equivalent; advanced certifications in security engineering or architecture (e.g., GIAC Security Expert (GSE), Certified Information Systems Security Architect (CISSA)) are a plus.

Experience:

• 18+ years of experience in cybersecurity, with a focus on security engineering, architecture, vulnerability management, and identity security in a large, complex global organization.

• Proven experience in designing, implementing, and managing security solutions for critical enterprise infrastructure, including cloud environments, network security, and endpoint protection.

• Experience in IT/ITES/BPO environments (preferred) or in highly regulated environments with a thorough understanding of compliance frameworks, including GDPR, HIPAA, PCI-DSS, NIST, and ISO/IEC 27001.

Technical Skills:

• Hands-on expertise in security engineering and solutioning, including endpoint security (e.g., SentinelOne, CrowdStrike, Carbon Black, Trellix DLP), network security (e.g., Zscaler, PANW, Checkpoint, next-generation firewalls), and cloud security (e.g., Orca, Wiz, Azure, GCP, AWS).

• In-depth knowledge of security architecture, secure SDLC practices, vulnerability management (e.g., Tenable, Rapid7, Qualys), and IAM solutions (e.g., SailPoint, Saviynt, Okta, Delinea).

• Strong understanding of advanced cybersecurity threats, attack vectors, and mitigation strategies across complex multi-cloud and hybrid environments.

• Leadership and Communication:

• Exceptional leadership, team development, and decision-making skills with a proven ability to lead high-performing cybersecurity engineering teams and foster cross-functional collaboration.

• Excellent communication skills, with the ability to effectively convey technical security concepts to non-technical audiences, including senior leadership, clients, and regulatory authorities.

Security engineers who apply for this position must have a strong track record of securing a broad spectrum of computing environments and services from both inside and outside an organization. You will be able to build and execute an overall security strategy for your team to follow. You must also be prepared to make security-related recommendations to stakeholders and sponsors. As such, you must be knowledgeable about the latest trends and advances in security. Furthermore, you should be proactive in your pursuit of cybersecurity knowledge and staying up-to-date on the most recent developments within the field. Your job will require that you engage frequently with senior leaders, system administrators, developers, customers, and regulators. Therefore, you should possess exceptional interpersonal, public speaking, writing, and communication skills.

Join us as we strive to create a more secure digital world.

“Our mission is to be a force for good by making the world a safer place through our collective efforts in cybersecurity.”

We welcome talented professionals who share our values and passion for creating a more secure digital environment. If you're driven to make a positive impact and are passionate about advancing the state of the art in cybersecurity, join us in our quest to help shape the future of digital security.