Senior Lead Security Controls Engineer

About The Position

Requirements

• 5 years of experience in security engineering, IT asset management, or risk and technology controls, with demonstrated end-to-end delivery ownership
• Demonstrated experience designing and implementing technology controls at scale
• Experience building or operationalizing asset governance and asset management capabilities
• Practical experience with modern engineering practices including CI/CD pipelines, infrastructure-as-code, and automated testing frameworks
• Translate threat models and attack surface analysis into actionable control requirements and auditable governance standards
• Ability to communicate clearly with senior stakeholders and drive alignment across engineering, cybersecurity, and risk partners

Nice To Haves

• Product mindset (roadmaps, KPIs, adoption) and experience partnering with product owners and managers
• Experience supporting audits and exams with high-quality, repeatable evidence and well-governed exception processes
• Familiarity mapping controls and governance requirements to common frameworks such as NIST, ISO 27001, or CIS Controls

Responsibilities

• Design and implement a technology asset governance framework: taxonomy standards, mandatory metadata, ownership and attestation model, lifecycle states, stewardship expectations, and adoption mechanisms
• Define and maintain asset classification and criticality rules (e.g., tiering, criticality, environment, data sensitivity, internet exposure) and map them to control applicability and required evidence
• Lead the design and implementation of reusable control patterns
• Define and advance technology asset taxonomy and mandatory metadata standards
• Establish pragmatic asset governance mechanisms aligned to engineering and risk requirements
• Engineer automated evidence collection and continuous monitoring pipelines
• Translate threat models and risk requirements into testable control requirements and enforceable governance rules
• Partner with Risk, Compliance, and Audit to ensure controls and governance are auditable by design
• Contribute to a team culture of diversity, opportunity, inclusion, and respect

Benefits

• competitive total rewards package including base salary determined based on the role, experience, skill set and location
• commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions
• comprehensive health care coverage
• on-site health and wellness centers
• a retirement savings plan
• backup childcare
• tuition reimbursement
• mental health support
• financial coaching