Responsibilities
- Design, implement, and enhance security controls across endpoint, network, cloud, identity, and SDLC.
- Lead security-focused projects, including scoping, planning, execution, stakeholder communication, and documentation.
- Own and optimize core security tooling (application security, AI security, endpoint protection, IDS/IPS, SIEM, vulnerability management, threat intelligence platforms, etc.), ensuring effective configuration and continuous improvement.
- Develop and implement automation to enhance threat detection, alerting, response workflows, ticket creation, and reporting metrics.
- Conduct and oversee annual penetration testing, social engineering exercises, and remediation tracking.
- Partner with cross-functional technology teams to embed secure design principles and hardening standards into infrastructure, cloud platforms, and application development (DevSecOps).
- Monitor compliance with cybersecurity policies and regulatory requirements; identify gaps and drive remediation efforts.
- Serve as a technical escalation point during incident response and contribute to post-incident analysis and control improvements.
- Identify emerging threats, tools, and technologies and recommend strategic direction for the cybersecurity program.
Requirements
- Bachelor’s Degree in Computer Science, Information Technology, or equivalent practical experience.
- 5+ years of progressive experience in cybersecurity or information security engineering roles.
- Demonstrated experience implementing and engineering security controls in enterprise environments.
- Experience leading or independently managing technical security projects.
- Strong familiarity with CIS Framework and system hardening standards.
- Hands-on experience securing and monitoring cloud platforms (AWS, Azure, etc.).
- Deep understanding of common security controls including DLP, MFA, encryption, intrusion detection, and mobile device/application management.
- Strong scripting and automation skills (PowerShell, Python, or similar), with software engineering experience preferred.
- Experience designing and maintaining centralized logging and SIEM solutions.
- Ability to independently assess risk, define problems, and implement practical, scalable solutions.
- Strong communication skills with the ability to influence stakeholders and represent the security function effectively.
Nice to Have
- Experience in financial services or investment management preferred.
- Relevant security certifications (CISSP, CISM, GIAC, AWS Security, etc.) are a plus.
Work Arrangement
Hybrid
Additional Information
- Expected to be in the office on Tuesdays, Wednesdays, and Thursdays.
- Utilizes Agile principles to prioritize, plan, and execute cybersecurity initiatives.
- Maintains a strong team culture centered on accountability, ownership, and continuous improvement.