Senior Cybersecurity Strategist

The role of Senior Cybersecurity Strategist & Security Engineering Director involves shaping the company's cybersecurity architecture and engineering strategies to keep its cybersecurity posture at the leading edge. This position will oversee the Cybersecurity Engineering, Architecture, Exposure/Vulnerability Management, and Identity Security functions, focused on delivering security solutions, projects, and relevant programs that drive enterprise cyber resilience and secure business growth.

Key Responsibilities:

• Cybersecurity Strategy & Solutioning:
• Develop and lead the strategy for modernizing the company's security stack, ensuring architecture stays current with evolving technologies and threats. Oversee/Manage-
  • Spearhead strategic cybersecurity projects across Network Security, Endpoint Security, Cloud Security, and Identity Security, leveraging advanced technologies like SentinelOne, Tenable, Zscaler, SailPoint, and Orca.
  • Drive security solutioning, engineering, and project implementations to mitigate risk and enhance security resilience.
  • Define and maintain security standards, handling exceptions across various technology types and ensuring consistent risk mitigation.
  • Conduct Proofs of Concept (POCs) to evaluate and implement emerging security solutions.
• Security Architecture & Engineering:
• Oversee cybersecurity engineering and architecture to deliver secure, scalable, and resilient solutions across the enterprise and all business functions.
• Architect and document robust security solutions for critical corporate infrastructure, cloud environments, and customer-facing platforms.
• Oversee the deployment and configuration of security solutions including but not limited to next-generation firewalls, EDR/XDR, disk encryption, data security posture management & DLP solutions, and advanced cloud security management solutions (AWS, GCP, Azure, OCI).
• Maintain a comprehensive Security Architecture Review program for new and existing technologies, ensuring alignment with industry best practices and regulatory standards.
• Vulnerability & Exposure Management:
• Direct/Oversee the Vulnerability Assessment and Penetration Testing (VAPT) program, ensuring that the program continuously assesses and mitigates security vulnerabilities and exposures across the organization's technology estate.
• Lead a comprehensive Security Vulnerability Management Program, overseeing Tenable project deployments, and operational processes for managing vulnerabilities in workstations, servers, and applications.
• Execute security assessments for 400+ applications, ensuring secure SDLC practices across the development lifecycle.
• Manage network security, cloud security, and external attack surface vulnerability assessments using tools like Orca, Cycognito, BitSight and others.
• Conduct internal and external penetration tests, simulating attacks to proactively identify and address security gaps.
• Identity Governance & Administration:
• Direct the Identity & Access Management program, enforcing policies, controls, and governance that protects access to critical systems and data.
• Oversee the deployment and management of the SailPoint Identity Governance solution, ensuring access is governed based on roles, levels, and lines of business.
• Drive MFA implementation across the organization, along with secure Active Directory configuration and Privileged Access Management (PAM) for high-value admin accounts.
• Team & Talent Management:
• Build, lead, and develop high-performing cybersecurity engineering and architecture teams, fostering a culture of excellence and innovation.
• Act as a mentor and advocate for team members' growth, focusing on upskilling talent to address evolving security challenges.
• Cross-Functional Collaboration:
• Lead cross-functional collaboration with IT, Risk, Compliance, and other stakeholders to embed cybersecurity best practices across the organization and achieve unified risk management goals.
• Partner with technology, business, and compliance teams to ensure cybersecurity solutions support strategic objectives and regulatory requirements.
• Lead regular security reviews, providing updates to executive leadership and advocating for necessary investments in cybersecurity resources and technologies.

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. An advanced degree (Master's or MBA) is preferred.
• Certifications: CISSP, CISM, CISA, CRISC, or equivalent; advanced certifications in security engineering or architecture (e.g., GIAC Security Expert (GSE), Certified Information Systems Security Architect (CISSA)) are a plus.

• 18+ years of experience in cybersecurity, with a focus on security engineering, architecture, vulnerability management, and identity security in a large, complex global organization.
• Proven experience in designing, implementing, and managing security solutions for critical enterprise infrastructure, including cloud environments, network security, and endpoint protection.
• Experience in IT/ITES/BPO environments (preferred) or in highly regulated environments with a thorough understanding of compliance frameworks, including GDPR, HIPAA, PCI-DSS, NIST, and ISO/IEC 27001.

This role offers a unique opportunity to make a meaningful impact on the organization's cybersecurity posture and contribute to the growth and success of a dynamic team.