Engagement Manager, IT Strategy, Cyber

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Management Information Systems, Computer Science, Engineering, Finance, with proper technical focus and experience
• 5+ years of progressive cybersecurity experience, including specializations in security architecture, governance, and operations.
• Hands-on experience with security solutions including cloud security, endpoint security, vulnerability management, network security technologies such as firewalls and IPS/IPS, content filtering, authentication systems, log management, encryption a plus.
• Hands-on experience designing and implementing secure architectures for leading cloud platforms, including: AWS (AWS Security Hub, Identity and Access Management, Config, CloudTrail, GuardDuty). Azure (Azure Security Center, Azure Policy, Microsoft Defender for Cloud). Google Cloud (Cloud Security Command Center, Identity-Aware Proxy, Chronicle).
• Expertise in security frameworks such as NIST CSF, ISO 27001, and COBIT.
• Experience with analyzing and recommending practical guidance for how AI should be used to transform cyber security offense and defense capabilities.
• Experience with IT/OT security architectures and strategies.
• Experience with security information and event management (SIEM) tools like Splunk, Elastic Stack, or cloud-native solutions for threat detection and response.
• Experience implementing zero-trust architectures, with a deep understanding of network segmentation, identity-centric security models, and real-time monitoring.
• Cloud Security Architectures: Deep expertise in designing secure cloud solutions using AWS, Azure, and Google Cloud, leveraging key tools such as AWS Security Hub, Azure Defender, and Google Chronicle.
• Strong grasp of emerging technologies such as AI, machine learning, and blockchain, with the ability to assess their implications for cloud security and privacy.
• Familiarity with automation frameworks and tools, such as Terraform, Ansible, or CloudFormation, for infrastructure-as-code deployments.
• Experience leading technical security audits and remediation efforts for complex cloud ecosystems.
• Network Security Design: Experience architecting secure network infrastructures, including firewalls, VPNs, and secure web gateways.
• In-depth knowledge of identity and access management (IAM), including policies, role-based access control (RBAC), and single sign-on (SSO) solutions.
• Identity and Access Management (IAM): Proficiency in designing IAM systems with SSO, MFA, and privileged access management (PAM) solutions.
• Expertise in vulnerability management using tools like Qualys, Tenable, or Nessus, integrated with cloud security practices.
• Consulting Experience and Client Engagement: Proven ability to build trust and credibility with clients through consulting delivery and value-driven results.
• Collaborative Leadership: Skilled at working across teams and influencing decision-making to ensure alignment with security objectives.
• Technical Communication: Proficiency in simplifying complex technical issues into clear, actionable insights for diverse audiences, including client executives.
• Analytical Excellence: Advanced problem-solving skills, with the ability to assess risks, prioritize issues, and deliver innovative solutions.
• Strategic Thinking: Ability to align security strategies with overarching business goals, ensuring security enhances operational efficiency.
• Adaptability: Agility to navigate the fast-paced nature of security consulting, staying ahead of emerging threats and technologies.

Nice To Haves

• Certifications such as Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM)
• Vendor-specific certifications such as AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, or Google Professional Cloud Security Engineer.

Responsibilities

• Architect and document secure solutions for enterprise environments, including applications, networks, and hybrid cloud systems, ensuring alignment with industry best practices.
• Create security strategies tailored to organizational objectives, with a focus on scalability, resilience, and adaptability to emerging threats.
• Design robust cloud architectures for AWS, Azure, and Google Cloud, incorporating secure access, encryption, and compliance measures.
• Recommend tools and processes to enhance incident response capabilities, data protection, and threat detection.
• Offer guidance during the implementation of architectural designs, ensuring adherence to security frameworks and strategic objectives.
• Work with cross-functional teams, including IT, compliance, and business units, to ensure architectural designs align with regulatory and business requirements.
• Conduct detailed cloud security assessments, ensuring alignment with industry frameworks such as NIST CSF, ISO 27001, COBIT, GDPR, HIPAA, and CMMC.
• Provide actionable recommendations to address gaps and enhance security postures.
• Develop and implement cloud-native security architectures for platforms like AWS, Azure, and Google Cloud, incorporating zero-trust principles, identity and access management (IAM), and data encryption strategies.
• Lead initiatives to improve incident response plans, vulnerability management, and compliance strategies, driving resilience against emerging threats.
• Evaluate the implications of AI, machine learning, IoT, and blockchain for cloud security, incorporating these innovations into client strategies.
• Collaborate with stakeholders to identify risks, implement remediation strategies, and ensure compliance with evolving regulatory landscapes.
• Create and implement cloud security policies, IT controls, and governance frameworks tailored to organizational needs.
• Train client teams on cloud security best practices, fostering a culture of proactive risk management and awareness.
• Evaluate an organization’s existing IAM systems, processes, and policies to identify gaps and areas for improvement.
• Create comprehensive IAM roadmaps that align with business objectives and establish a phased approach for improvement.
• Design scalable IAM architectures that include Zero Trust frameworks, Privileged Access Management (PAM), and Federated Identity Systems to secure user and system identities.
• Guide the development of governance frameworks, including role-based access control (RBAC), dynamic access policies, and periodic access reviews.

Benefits

• world-class benefits
• highly competitive compensation
• disproportionate rewards for top performers
• generous PTO
• 401k match up to $7,200 per year
• opportunity to purchase company stock at a discount