Head of Security Architecture & Engineering
Title: Head of Security Architecture & Engineering
Location: Denver or London
Reports to: CISO
The Role Summary:
Seeking a motivated and collaborative security leader to run our rapidly growing Security Architecture and Engineering team. The person in this role is a strategist with deep and wide technical knowledge. This role requires impeccable interpersonal skills as well as a deep and broad understanding of business strategy, architecture and products. The role holder must be technical and collaborative with an ability to influence technology leaders to improve the security posture of a given project. The role holder must also be able to build an efficient and high functioning team whom can review and be consulted in an agile way.
• Create a relevant strategy, roadmap and vision for Security Architecture and Engineering team whose mission is to implement and maintain key security technology to improve security posture and strengthen security defences.
• Define the top talent criteria which will allow for a wide range of technical abilities to ensure subject matter expertise on all facets of technology stack with include Cloud environments. The leader must drive performance, innovate with ideas, pursue excellence and set stretch targets for the team. The leader will also mentor, nurture and grow the team over time.
• Define the operating model for which the team runs which will include project intake and stakeholder sentiment measured throughout the calendar year. The leader will execute with discipline by building a repeatable process for the operating model.
• Define key metrics for the desired outcomes of an efficient team and service to the enterprise which include appropriate SLAs.
• Provide end to end Security Architecture reviews as part of an IT lifecycle and security reviews throughout a change advisory board.
• Provide security engineering on relevant solutions.
• Perform security research on the latest new security technologies.
• Partner on key strategic initiatives and show consistent and repeatable output which include any merger and/or acquisition activity.
• Provide input on BAU and project budget while maintaining key budgetary goals throughout the year.
• Partner with other Information Security leaders to drive widespread adoption of best in class security practices.
• Driving security through globally standardized automation with CI/CD processes.
• Partner with key IT service providers to ensure industry standard platform, network and endpoint security posture.
• Ensure industry standard framework implementation
• Ensure project delivery by working with PMO and define relevant milestones for executive level consumption.
• Define and provide relevant metrics and trends for executive consumption.
• Provide input to the overall Information Security strategy.
• Influence security policy, standards and guidelines.
• Participates in internal, external and regulatory audits and requests for information.
• Must be a subject matter expert for the company’s security processes across multiple domains and disciplines – on premise and cloud / SaaS based applications, data, infrastructure and mobile solutions.
• An absolute passion for information security and knowledge of the latest threats, trends and concerns at a global level.
• 5+ years of prior team lead or people management experience with proven global reach.
• 10+ years’ experience in some combination of the following disciplines with an emphasis on information security: network architecture, IT perimeter design, threat modelling, security architecture, application architecture and design, authentication platforms, industry standard frameworks (NIST, ISO), physical security, DNS, VPN, URL Filtering, SIEM design, Email security, Cryptography concepts.
• Deep leadership and strategic skillset.
• Must be highly collaborative, able to effectively interact with peers, management and leadership teams, excel at cross-team initiatives and act with a sense of urgency when security issues or requirements arise.
• Demonstrable deep technical knowledge on all facets of Information Technology and Information Security.
• Empathy and a passion for helping others grow and building a world class function.
• Experience in review security solutions and working with vendors in obtaining relevant information to ensure appropriate fit into an organization.
• Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs).
• Intimate knowledge of the Cyber Kill Chain and other relevant network defence and intelligence frameworks.
• Must demonstrate assertiveness and leadership qualities, deliver excellence in verbal and written communication and prioritize effectively
• A minimum of a Bachelor’s Degree in Information Systems, Computer Science, Engineering, or equivalent experience
• CISSP and/or SANS certification preferred
• Networking certification (CCIE) a plus