How will you contribute?

• Provide expert guidance on security architecture, technologies, & best practices across the organization.
• Lead the design & implementation of complex security solutions for web applications & APIs.
• Conduct in-depth risk assessments, security reviews, & threat modeling.
• Collaborate with cross-functional teams to integrate security into the software development lifecycle, including CI/CD pipelines.
• Define & enforce security policies, standards, & procedures, ensuring alignment with industry regulations & internal requirements.
• Lead incident response & forensic investigations for complex & high-impact security incidents.
• Provide subject matter expertise in security-related discussions with customers, partners, & regulatory bodies.
• Drive security automation initiatives to streamline security processes, reduce manual intervention, & improve efficiency.
• Lead red team exercises & vulnerability assessments to identify weaknesses in systems & applications.
• Collaborate with executive leadership to align security initiatives with business goals & strategies.
• Collaborate with legal & compliance teams to ensure adherence to privacy regulations & data protection requirements.
• Lead the development & maintenance of incident response plans, playbooks, & communication strategies.
• Play a key role in representing the organization during audits & compliance assessments.
• Lead the creation of comprehensive security documentation & training materials for both technical & non-technical audiences.
• Educate developers on secure coding best practices, conduct workshops, & provide guidance on writing secure code to prevent vulnerabilities.
• Collaborate with cross-functional teams to design & implement security controls that address business continuity & disaster recovery needs.

What will you bring?

• A Bachelor’s degree in Computer Science, Information Technology, or a related field, or a combination of education & experience.
• A minimum of 9+ years of IT experience.
• 7+ years of dedicated security experience.
• Expertise with container technologies & orchestration platforms (Docker/Kubernetes).
• Deep expertise in network security, network technologies, & monitoring tools.
• Extensive experience in delivering security tests across CI/CD pipelines using various testing methodologies (SAST, DAST, runtime testing), particularly against industry standards like NIST.
• Strong background in developing security practices for multiple Infrastructure-as-a-Service (IaaS) platforms (AWS, GCP, Azure, vSphere).
• Thorough experience in configuration management technologies (Puppet, Chef, SaltStack, etc.).
• Proficiency in build & packaging processes in a Linux/Java environment (Maven, rpm, etc.).
• Advanced programming & scripting skills (Python, Ruby, GO, Bash, etc.).
• Hands-on experience in designing & implementing security solutions, including firewalls, intrusion detection systems, authentication systems, & more.
• Effective communication skills to collaborate with cross-functional teams & convey security concepts to non-technical stakeholders.
• In-depth understanding of cybersecurity principles, practices, & methodologies.
• Familiarity with common cyber threats, attack vectors, & vulnerabilities.
• Proficient with incident response procedures & best practices.
• Expert with vulnerability management tools & practices.
• Knowledge of cryptographic protocols & key management.
• Proficiency in scripting languages (e.g., Python, PowerShell) to automate security tasks.
• Dedication to staying updated with the latest security trends, tools, & techniques.
• Proficiency in creating clear & comprehensive security documentation, reports, & procedures.
• Familiarity with relevant regulations (GDPR, HIPAA, etc.) & industry standards (ISO 27001, NIST).