Engagement Manager, IT Strategy, Cyber

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Management Information Systems, Computer Science, Engineering, Finance, with proper technical focus and experience
• 5+ years of progressive cybersecurity experience, including specializations in security architecture, governance, and operations.
• Hands-on experience with security solutions including cloud security, endpoint security, vulnerability management, network security technologies such as firewalls and IPS/IPS, content filtering, authentication systems, log management, encryption a plus.
• Hands-on experience designing and implementing secure architectures for leading cloud platforms, including: AWS (AWS Security Hub, Identity and Access Management, Config, CloudTrail, GuardDuty). Azure (Azure Security Center, Azure Policy, Microsoft Defender for Cloud). Google Cloud (Cloud Security Command Center, Identity-Aware Proxy, Chronicle).
• Expertise in security frameworks such as NIST CSF, ISO 27001, and COBIT.
• Experience with analyzing and recommending practical guidance for how AI should be used to transform cyber security offense and defense capabilities.
• Experience with IT/OT security architectures and strategies.
• Experience with security information and event management (SIEM) tools like Splunk, Elastic Stack, or cloud-native solutions for threat detection and response.
• Experience implementing zero-trust architectures, with a deep understanding of network segmentation, identity-centric security models, and real-time monitoring.
• Cloud Security Architectures: Deep expertise in designing secure cloud solutions using AWS, Azure, and Google Cloud, leveraging key tools such as AWS Security Hub, Azure Defender, and Google Chronicle.
• Strong grasp of emerging technologies such as AI, machine learning, and blockchain, with the ability to assess their implications for cloud security and privacy.
• Familiarity with automation frameworks and tools, such as Terraform, Ansible, or CloudFormation, for infrastructure-as-code deployments.
• Experience leading technical security audits and remediation efforts for complex cloud ecosystems.
• Network Security Design: Experience architecting secure network infrastructures, including firewalls, VPNs, and secure web gateways.
• In-depth knowledge of identity and access management (IAM), including policies, role-based access control (RBAC), and single sign-on (SSO) solutions.
• Identity and Access Management (IAM): Proficiency in designing IAM systems with SSO, MFA, and privileged access management (PAM) solutions.
• Expertise in vulnerability management using tools like Qualys, Tenable, or Nessus, integrated with cloud security practices.
• Consulting Experience and Client Engagement: Proven ability to build trust and credibility with clients through consulting delivery and value-driven results.
• Collaborative Leadership: Skilled at working across teams and influencing decision-making to ensure alignment with security objectives.
• Technical Communication: Proficiency in simplifying complex technical issues into clear, actionable insights for diverse audiences, including client executives.
• Analytical Excellence: Advanced problem-solving skills, with the ability to assess risks, prioritize issues, and deliver innovative solutions.
• Strategic Thinking: Ability to align security strategies with overarching business goals, ensuring security enhances operational efficiency.
• Adaptability: Agility to navigate the fast-paced nature of security consulting, staying ahead of emerging threats and technologies.

Nice To Haves

• Certifications such as Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM)
• Vendor-specific certifications such as AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, or Google Professional Cloud Security Engineer.

Responsibilities

• Architect and document secure solutions for enterprise environments, including applications, networks, and hybrid cloud systems, ensuring alignment with industry best practices.
• Create security strategies tailored to organizational objectives, with a focus on scalability, resilience, and adaptability to emerging threats.
• Design robust cloud architectures for AWS, Azure, and Google Cloud, incorporating secure access, encryption, and compliance measures.
• Recommend tools and processes to enhance incident response capabilities, data protection, and threat detection.
• Offer guidance during the implementation of architectural designs, ensuring adherence to security frameworks and strategic objectives.
• Work with cross-functional teams, including IT, compliance, and business units, to ensure architectural designs align with regulatory and business requirements.
• Conduct detailed cloud security assessments, ensuring alignment with industry frameworks such as NIST CSF, ISO 27001, COBIT, GDPR, HIPAA, and CMMC. Provide actionable recommendations to address gaps and enhance security postures.
• Develop and implement cloud-native security architectures for platforms like AWS, Azure, and Google Cloud, incorporating zero-trust principles, identity and access management (IAM), and data encryption strategies.
• Lead initiatives to improve incident response plans, vulnerability management, and compliance strategies, driving resilience against emerging threats.
• Evaluate the implications of AI, machine learning, IoT, and blockchain for cloud security, incorporating these innovations into client strategies.
• Collaborate with stakeholders to identify risks, implement remediation strategies, and ensure compliance with evolving regulatory landscapes.
• Create and implement cloud security policies, IT controls, and governance frameworks tailored to organizational needs.
• Train client teams on cloud security best practices, fostering a culture of proactive risk management and awareness.
• Evaluate an organization’s existing IAM systems, processes, and policies to identify gaps and areas for improvement.
• Create comprehensive IAM roadmaps that align with business objectives and establish a phased approach for improvement.
• Design scalable IAM architectures that include Zero Trust frameworks, Privileged Access Management (PAM), and Federated Identity Systems to secure user and system identities.
• Guide the development of governance frameworks, including role-based access control (RBAC), dynamic access policies, and periodic access reviews.

Benefits

• world-class benefits
• highly competitive compensation
• disproportionate rewards for top performers
• generous PTO
• a 401k match up to $7,200 per year
• the opportunity to purchase company stock at a discount