Head of Cyber Resilience

S&P Global Mobility, Centreville, VA

About The Position

We are seeking a highly experienced and forward-thinking Head of Cyber Resilience to lead a new corporate function at the intersection of proactive offensive security, emerging artificial intelligence technologies, and enterprise cybersecurity. This senior leadership role reports to the Chief Information Security Officer and is responsible for defining and executing the organization's critical cybersecurity resilience strategies, including comprehensive offensive security programs (red teaming, penetration testing, breach and attack simulation) to continuously validate our defenses, as well as driving the enterprise AI security strategy encompassing both the security of AI systems (AI governance) and the application of AI to enhance security capabilities (AI enablement). The leader will operate with a high degree of autonomy, driving material impact across the business through thought leadership, strategic prioritization, and hands-on program execution.

Requirements

  • 10+ years of progressive experience in cybersecurity, with a significant and demonstrable focus on cyber resilience, offensive security/penetration testing, AI/ML security, cloud security, or emerging technology risk.
  • Proven experience leading offensive security functions, including red/purple teaming, penetration testing, and continuous threat exposure management programs.
  • Deep understanding of the MITRE ATT&CK framework, adversary emulation techniques, and modern attack methodologies across network, application, cloud, and identity domains.
  • Deep subject matter expertise across multiple AI security domains, including AI governance, model security, cloud AI platforms, AI red teaming, and AI supply chain risk.
  • Proven track record of defining and executing security strategy at a senior level within a complex, matrixed organization.
  • Extensive knowledge of cloud AI/ML platforms, including AWS Bedrock, GCP Vertex AI, and equivalent services.
  • Strong understanding of AI/ML frameworks, MLOps pipelines, and the AI system development lifecycle.
  • Experience leading AI red team exercises, threat modeling engagements, and security posture assessments for AI systems.
  • Familiarity with emerging AI security standards, regulatory guidance (e.g., NIST AI RMF, EU AI Act, OWASP LLM Top 10), and industry frameworks.
  • Demonstrated experience working across GRC, Cyber Defense, IAM, and Engineering functions.

Nice To Haves

  • Implementing and managing Breach and Attack Simulation (BAS) tools such as AttackIQ, Cymulate, Picus Security, or Pentera.
  • Offensive security certifications such as OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert), GPEN (GIAC Penetration Tester), GWAPT (GIAC Web Application Penetration Tester), or GXPN (GIAC Exploit Researcher and Advanced Penetration Tester).
  • Experience with attack surface management platforms and continuous exposure assessment tools.
  • Knowledge of exploit development, reverse engineering, and malware analysis.
  • Experience with MCP (Model Context Protocol) server security and agentic AI security architectures.
  • Background in adversarial machine learning, model robustness, or AI-specific threat intelligence.
  • Prior experience building or scaling an AI Security or Offensive Security practice from the ground up.
  • Relevant certifications such as CISSP, CISM, CCSP, or emerging AI security certifications.
  • Experience in financial services, technology, or another highly regulated industry.
  • Familiarity with threat intelligence platforms (e.g., MISP, ThreatConnect) and integration of threat intelligence into offensive security operations.

Responsibilities

  • Develop and maintain a cybersecurity resilience roadmap that addresses both near-term tactical needs and long-term strategic goals across all relevant domains, including offensive security and continuous threat exposure management.
  • Design and champion a Continuous Threat Exposure Management (CTEM) strategy, integrating offensive security insights and continuous validation into enterprise risk management.
  • Define and own the enterprise AI security strategy, aligning with broader organizational security philosophy, risk appetite, and business objectives.
  • Champion AI security governance frameworks, policies, and standards across divisions, functions, and business lines.
  • Provide executive-level guidance on AI risk, emerging threats, regulatory trends, and industry best practices related to artificial intelligence systems and advanced persistent threats (APTs).
  • Partner with senior stakeholders across Cyber Defense, Architecture & Engineering, Identity & Access Management (IAM), and Governance, Risk & Compliance (GRC) to transform operations through the use of AI and offensive security insights.
  • Represent the organization in external forums, industry groups, and client engagements as a subject matter expert on cyber resilience and offensive security operations.
  • Lead enterprise-wide red team operations to simulate advanced adversary tactics, techniques, and procedures (TTPs) aligned with the MITRE ATT&CK framework.
  • Partner closely with the SOC and Cyber Defense teams in Purple Teaming exercises to continuously improve detection engineering, threat hunting capabilities, and incident response procedures.
  • Develop and execute adversary emulation campaigns targeting critical business processes, crown jewel assets, and high-value data repositories.
  • Establish metrics and reporting frameworks to measure defensive capability improvements resulting from red team engagements.
  • Implement, manage, and scale Breach and Attack Simulation platforms (e.g., AttackIQ, Cymulate, Picus Security, Pentera) to continuously and automatically validate the efficacy of security controls across network, endpoint, cloud, and identity environments.
  • Design BAS scenarios that replicate real-world attack chains, ransomware campaigns, and data exfiltration techniques.
  • Integrate BAS findings into vulnerability management workflows and security control optimization initiatives.
  • Establish continuous validation cadences aligned with change management cycles and threat landscape evolution.
  • Oversee comprehensive internal and external penetration testing programs, including network infrastructure, web applications, APIs, mobile applications, cloud environments (AWS, Azure, GCP), and physical security assessments.
  • Manage relationships with third-party penetration testing firms and establish quality standards for external assessments.
  • Ensure rigorous tracking and timely remediation of identified vulnerabilities through integration with vulnerability management and GRC platforms.
  • Conduct specialized testing for emerging technologies, including containerized environments (Kubernetes, Docker), serverless architectures, and IoT/OT systems.
  • Drive a risk-based vulnerability management program that prioritizes remediation based on exploitability, threat intelligence, asset criticality, and offensive security findings.
  • Leverage threat intelligence feeds and exploit databases (e.g., CISA KEV, Exploit-DB) to inform prioritization decisions.
  • Implement attack surface management capabilities to continuously discover and assess internet-facing assets, shadow IT, and third-party exposures.
  • Establish SLAs for vulnerability remediation based on severity, exploitability, and business context.
  • Design and facilitate executive and technical tabletop exercises simulating ransomware attacks, data breaches, supply chain compromises, and AI-specific incidents.
  • Lead cyber range exercises and controlled attack simulations to test incident response plans, business continuity procedures, and crisis communication protocols.
  • Implement chaos engineering principles to test the resilience of security controls, monitoring systems, and recovery capabilities under adversarial conditions.
  • Oversee and evolve the Model Registry, ensuring all AI/ML models are catalogued, version-controlled, and subject to appropriate security and risk controls.
  • Lead the AI Security Posture Management (AISPM) program to continuously assess and remediate security risks across the AI/ML environment.
  • Direct AI Red Teaming exercises to proactively identify vulnerabilities in AI systems, models, and pipelines (e.g., prompt injection, model inversion, data poisoning, adversarial examples).
  • Define and enforce Guardrails for MCP Servers, AI Agents, and Models to prevent misuse, data leakage, and other AI-specific threats.
  • Ensure robust Identity and Access Management controls are applied to AI Agents and MCP Servers, in collaboration with the enterprise IAM function.
  • Own the AI Supply Chain Security program, governing the security evaluation of third-party models, tools, datasets, and AI service providers.
  • Implement Observability and Threat Monitoring capabilities to detect anomalous AI behavior, adversarial inputs, and model drift with security implications.
  • Drive AI Threat Modeling practices across the SDLC and MLOps pipelines to proactively identify and mitigate AI-specific attack vectors.
  • Lead AI Inspection and Discovery initiatives to maintain a comprehensive inventory of AI assets, shadow AI usage, and unapproved model deployments across the enterprise.
  • Oversee Cloud AI Security for platforms including AWS Bedrock, GCP Vertex AI, and other cloud-hosted AI/ML services, ensuring appropriate security configurations and controls are in place.
  • Drive the adoption of AI and machine learning capabilities across key security domains, including:
      • GRC: Leveraging AI to automate risk assessments, control testing, and compliance reporting.
      • Cyber Defense: Applying AI/ML to enhance threat detection, incident response, and SOC operations.
      • IAM: Utilizing AI-driven analytics for behavioral baselines, anomaly detection, and access intelligence.
      • Architecture & Engineering: Embedding AI-assisted security tooling into development pipelines and security architecture reviews.
      • Offensive Security: Employing AI-powered tools for automated vulnerability discovery, exploit development assistance, and attack path analysis.
  • Evaluate, select, and govern AI-powered security tools and vendors, ensuring alignment with enterprise security standards and supply chain requirements.
  • Develop internal AI literacy and capability uplift programs for security teams to responsibly and effectively leverage AI technologies.
  • Manage budget and resource allocation for the Cyber Resilience, Offensive Security, and AI Security functions, ensuring cost-effective delivery of the program.
  • Establish and track key performance indicators (KPIs) and metrics to measure the effectiveness and maturity of proactive security testing and AI Security programs, including:
      • Mean time to detect (MTTD) and remediate (MTTR) vulnerabilities identified through offensive testing
      • Security control validation coverage and effectiveness rates
      • Red team success rates and defensive improvement trends
      • AI security posture scores and risk reduction metrics
  • Report on program status, risks, and priorities to senior leadership and relevant governance committees.
  • Manage vendor relationships and contracts related to penetration testing firms, BAS platforms, and AI security tooling.

Benefits

  • Equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.
  • Reasonable accommodations for qualified individuals with disabilities.