Director of Engineering, Security

Nexxen, New York, NY
Hybrid

About The Position

Nexxen is seeking a Director of Engineering, Security to own the strategy, delivery, and lifecycle of our security program across applications, cloud/infrastructure, identity, data, and SOC operations. This role leads secure-by-design practices, incident readiness, and AI security governance while partnering with executives and cross-functional leaders to deliver measurable risk reduction and compliance at scale.

This role leads Security Engineering domains, including Application Security/DevSecOps, Cloud/Infrastructure Security, Identity & Data Security, and Compliance/SOC integration. The director establishes secure SDLC and architecture guardrails, ensures detection and response effectiveness, governs security vendors and budgets, and drives process transformation. The role collaborates closely with Engineering/Platform on CI/CD and Kubernetes, with IT for endpoint and access policy enforcement, with Data on protection and lineage, and with Legal/Compliance on SOC 2/SOX/GDPR and AI governance.

This role will be based in the New York office. Our team follows a hybrid schedule, working in the office three days a week and remotely for the rest.

Each day can be different here at Nexxen, but some of the things you can expect to be doing daily are:

Requirements

  • 10+ years in Security Engineering with 5+ years leading managers and multi-domain portfolios (SOC/IR, AppSec, Cloud/Infra, Identity).
  • Hands-on leadership with:
      • AWS multi-account security (Organizations, Control Tower, IAM, SCPs, GuardDuty, Security Hub, Macie, KMS, CloudTrail, Config).
      • Kubernetes/EKS, container security, service mesh, ingress, and secrets management (Vault/Secrets Manager).
      • Secure SDLC with CI/CD (GitHub/GitLab), Terraform/Terragrunt, OPA/Conftest, SAST/DAST/SCA (CodeQL, Semgrep, Snyk, ZAP/Burp).
      • Web/API protections (AWS WAF/Cloudflare), SBOM/signing (Syft/Grype, Cosign/Sigstore), Dependabot/Renovate, Gitleaks.
      • Endpoint/Network security (Palo Alto/Fortinet, Zscaler/ZTNA, CrowdStrike/SentinelOne, Jamf/Intune).
      • Identity/SSO with Azure AD/Entra ID, PIM, Conditional Access, SCIM; Okta or AWS IAM Identity Center.
      • SIEM/SOAR (Cyrebro; Tines/XSOAR) and threat intel (MISP/OpenCTI); GRC (Drata/Vanta/ServiceNow), Jira/Confluence.
  • Proven delivery of large-scale security transformations and measurable risk reduction; executive presence and board/audit experience.
  • Excellent leadership, stakeholder management, and team-building skills.
  • Strong problem-solving, analytical abilities, and crisp decision-making.
  • Exceptional communication and interpersonal skills.
  • Ability to operate under pressure and manage multiple priorities.

Responsibilities

  • Strategy and leadership
      • Define a multi-year security strategy and roadmap aligned to Nexxen’s business and product direction.
      • Chair the Weekly Security Council; represent Security in the Architecture Review Board.
      • Lead AI Security Council (monthly) and AI Ethics Board (quarterly); deliver bi-monthly executive briefings on risk posture.
      • Build a high-performing, globally distributed security organization and Security Champions program.
  • Product, delivery, and value realization
      • Drive secure SDLC adoption: threat modeling, secure coding standards, SAST/DAST/SCA, and CI/CD gating.
      • Prioritize and deliver platform-level controls across identity, cloud/Kubernetes, data protection, and web/API security.
      • Establish SLAs/SLOs for vulnerability remediation, incident response, and control health; measure MTTR and risk reduction.
      • Lead build/buy evaluations for security tooling; negotiate, optimize licensing, and manage vendor success.
  • Architecture and integrations
      • Own target-state security architecture for AWS Organizations (multi-account), EKS, and data center environments.
      • Standardize identity and network segmentation patterns; advance zero-trust and least-privilege access.
      • Embed policy-as-code (OPA/Conftest/Regula) and supply-chain protections (SBOM, signing, provenance) into pipelines.
  • Security, risk, and compliance
      • Oversee SOC operations, incident response, and threat detection with measurable readiness and tabletop cadence.
      • Partner with Compliance on SOC 2/SOX/GDPR; ensure audit readiness and timely remediation of findings.
      • Establish AI governance and risk management for AI-powered products and internal AI tools; manage AI vendor assessments.
  • People leadership
      • Hire, develop, and mentor managers and senior engineers across AppSec, Cloud/Infra, Identity/Data, and Compliance/SOC.
      • Foster a culture of ownership, enablement, and continuous improvement; scale multi-squad delivery across time zones.
      • Strengthen stakeholder engagement across Engineering, IT, Data, Product, Legal/Compliance, and executive leadership.

Benefits

  • We offer a variety of benefits, including medical, dental, vision, disability insurance, 401(k), EAP, parental leave, unlimited vacation, and company-paid holidays. The specific programs and options available will vary depending on the state, start date, and employment type.