Senior Director of Security Architecture and Engineering

About the position

The position involves strategic leadership in defining and executing the vision, strategy, and roadmap for security architecture and engineering across enterprise services, custom-built platforms, and cybersecurity tools. The role requires serving as a trusted advisor to the CISO and executive leadership, promoting alignment between security initiatives and business objectives, and integrating security into the platform P&L. Responsibilities also include establishing secure design and engineering standards, leading the design and implementation of cybersecurity tools, overseeing network security architecture, ensuring compliance with governance frameworks, and building a high-performing team.

Responsibilities

• Define and execute the vision, strategy, and roadmap for security architecture and engineering across enterprise services.
• Serve as a trusted advisor to the CISO and executive leadership on security architecture and engineering matters.
• Promote alignment between security initiatives and business objectives.
• Establish secure design and engineering standards for Yum's custom platforms.
• Collaborate with product and platform teams to incorporate security-by-design principles into the development lifecycle.
• Ensure secure architecture for enterprise services, ensuring data protection, compliance, and operational resilience.
• Lead the design and implementation of Yum's cybersecurity tools platform.
• Evaluate and integrate emerging security technologies.
• Oversee the architecture and engineering of network security for cloud-based and on-premise infrastructure.
• Develop and implement strategies to secure internal and external network communication.
• Ensure all security architecture and engineering initiatives align with NIST frameworks and industry standards.
• Partner with GRC and other teams to support compliance requirements.
• Build, mentor, and lead a high-performing Security Architecture and Engineering team.
• Foster collaboration across security, IT, and business units.
• Drive a culture of continuous improvement, emphasizing security awareness and operational excellence.
• Identify and mitigate risks associated with enterprise and custom platforms.
• Collaborate with the Security Operations Team to analyze and address vulnerabilities and incidents proactively.

Requirements

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field.
• 10+ years of experience in security architecture and engineering leadership roles.
• Proven expertise in designing and implementing secure architectures for enterprise applications.
• Deep understanding of NIST frameworks, cloud security best practices, and regulatory compliance requirements.
• Strong knowledge of modern technology stacks, including cloud platforms (AWS, Azure, GCP), APIs, and microservices.
• Experience with DevSecOps practices, secure coding, and CI/CD pipeline integration.
• Exceptional leadership, communication, and collaboration skills.

Nice-to-haves

• Advanced degree preferred.
• Industry certifications (e.g., CISSP, CISM, SABSA, TOGAF) are highly desirable.

Benefits

• Medical, dental, vision, legal, and accidental death and dismemberment insurance.
• Short-term disability, long-term disability, and life insurance.
• 401(k) plan with a 6% matching contribution.
• 4 weeks of vacation, paid sick leave, 10 paid holidays, and a floating day off.
• 2 paid days for volunteer time each calendar year.
• Tuition reimbursement, education benefits, and scholarship opportunities.
• Onsite childcare and dining center.
• Onsite gym with fitness classes and personal trainer sessions.
• Comprehensive medical, vision, and dental including prescription drug benefits.