Job Description:
• Own vulnerability management, SIEM tuning and monitoring, incident response, and threat investigation.
• Maintain secure baseline configurations (CIS, hardening standards).
• Oversee AWS security controls, including IAM governance, cloud logging, encryption standards, network security boundaries, and enforcement of cloud security guardrails.
• Design and approve security controls for new systems, infrastructure changes, and applications.
• Govern identity security, privileged access, MFA enforcement, and periodic access reviews.
• Provide security oversight for DevOps pipelines and cloud deployments.
• Lead annual risk assessments, security reviews, and third-party/vendor risk management.
• Own the Disaster Recovery (DR) governance program, including planning, documentation, tabletop exercises, and driving remediation, while partnering with Infrastructure on technical DR execution.
• Manage data protection and data classification practices.
• Track and report security KPIs, risks, and initiatives to the ISO.
Requirements:
• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience preferred.
• 5+ years of hands-on IT security engineering or cybersecurity engineering experience.
• Experience leading security or compliance functions.
• Strong technical experience in SIEM, AWS security, vulnerability management, identity security, incident response, and disaster recovery.
• Strong proficiency with AWS security architecture, IAM, cloud logging, and security guardrails.
• Working knowledge of SOC 2, HIPAA, GDPR, and CCPA compliance frameworks.
Benefits: