Senior Information Engineer Manager

About The Position

Requirements

• Extensive experience with enterprise IAM platforms.
• Implementation of RBAC, ABAC, and least-privilege access models.
• Privileged access management (PAM) and secrets management solutions.
• Identity lifecycle management and automated provisioning/de-provisioning.
• Multi-factor authentication (MFA) implementation and enforcement.
• Single sign-on (SSO) integration and federation protocols (SAML, OAuth 2.0, OIDC).
• Certificate-based authentication and PKI management.
• Enterprise antivirus and anti-malware deployment and management.
• Endpoint detection and response (EDR) and extended detection and response (XDR) platforms.
• Threat intelligence integration and automated response capabilities.
• Malware analysis and incident response procedures.
• Enterprise DLP solution implementation.
• Data classification and labeling strategies.
• Content inspection and policy enforcement across network, endpoint, and cloud.
• Encryption and tokenization technologies for data protection.
• Configuration management tools.
• Security baseline development and enforcement.
• Automated compliance scanning and drift detection.
• Infrastructure as Code (IaC) security and configuration validation.
• Vulnerability assessment tools.
• Vulnerability prioritization.
• Patch management processes and automation.
• Penetration testing coordination and vulnerability validation.
• Physical access control systems (PACS) and badge management.
• Integration of physical and logical security controls.
• Understanding of Trust Service Criteria and evidence requirements for security, availability, processing integrity, confidentiality, and privacy (SOC 2 Type II).
• Experience in supporting an Information Security Management System (ISMS) and Annex A controls (ISO/IEC 27001).
• Knowledge of AI Management System requirements and controls for artificial intelligence governance (ISO/IEC 42001).
• Familiarity with Cloud Controls Matrix (CCM) and Cloud Security Alliance attestation requirements (CSA STAR Level 2).
• Understanding of UK government cyber security certification requirements including boundary firewalls, secure configuration, access control, malware protection, and patch management (CyberEssentials+).
• Bachelor's degree in Computer Science, Information Security, or related technical field (or equivalent experience).
• Minimum 7-10 years of experience in IT or information security, with at least 3 years in a leadership role.
• Hands-on technical experience implementing and managing security controls in enterprise environments.
• Deep understanding of security frameworks including NIST CSF, CIS Controls, and MITRE ATT&CK.
• Knowledge of emerging technologies including AI/ML security, zero-trust architecture, and DevSecOps.
• Scripting and automation skills (e.g., Python, PowerShell, Bash, Terraform).

Responsibilities

• Design, implement, and maintain security controls that support compliance with SOC 2 Type II, ISO/IEC 27001, ISO/IEC 42001, CSA STAR Level 2, and CyberEssentials+ standards.
• Oversee the enterprise Identity and Access Management (IAM) program, including role-based access controls, privileged access management, and access governance processes.
• Manage secure authentication systems including multi-factor authentication (MFA) and single sign-on (SSO).
• Implement and maintain malware protection solutions across endpoints, servers, and cloud workloads, including next-generation antivirus and endpoint detection and response (EDR) platforms.
• Design and enforce data loss prevention (DLP) strategies and technologies to protect sensitive information across email, endpoints, network, and cloud environments.
• Establish and maintain IT asset configuration management processes, including configuration baselines, change control, and automated compliance monitoring.
• Lead the technical vulnerability management program, including vulnerability scanning, assessment, prioritization, remediation tracking, and exception management.
• Collaborate with VP, Director of Infrastructure, and CISO to architect and implement cloud security controls across GCP and Azure.
• Oversee physical security monitoring systems, including access control systems and integration with logical security controls.
• Collaborate with VP and CISO on security assessments, gap analyses, and remediation efforts.
• Collaborate with external auditors during security assessments, audits, and certification processes.
• Provide technical leadership and mentorship to the security team, fostering a culture of continuous improvement and security awareness.

Benefits

• Competitive Health, Dental and Vision Insurance
• Pet Insurance
• 401k
• Flexible schedule
• Paid Holidays plus Paid Time Off