SVP, Head of Security Technology

BerkleyWilmington, DE
Onsite

About The Position

The SVP, Head of Security Technology, leads the modernization and delivery of the enterprise's core cybersecurity technology capabilities through an AI-enabled, automation-first, engineering-led model. This role reports to the CISO. This role is accountable for evolving and integrating: Security Architecture, Security Engineering, Identity and Access Management (IAM), Continuous Threat and Exposure Management (CTEM). The position transforms legacy, siloed security functions (e.g., vulnerability management, attack surface management, application security) into a scalable, intelligence-driven security ecosystem that reduces enterprise risk through engineering and automation, embeds security into enterprise architecture and technology platforms, strengthens identity lifecycle governance and compliance, enables continuous, risk-based exposure management, improves efficiency, control effectiveness, and compliance readiness, and drives alignment between cybersecurity capabilities and business risk priorities, ensuring security investments directly support enterprise resilience, customer trust, and growth objectives.

Requirements

  • 15+ years’ experience in a cybersecurity role with at least 5 as head of senior most security architect.
  • Previous and progressive experience in a technical security leadership position.
  • Demonstrated experience modernizing security organizations (tool consolidation, automation, operating model redesign).
  • Strong expertise in cloud-native security, Zero Trust, IAM, and CTEM practices.
  • Experience integrating cybersecurity with AI/ML technologies and governance frameworks.
  • Strong strategic thinking and decision-making capabilities.
  • Experience managing budgets, vendors, and large-scale programs.
  • Track record of delivering measurable improvements in risk reduction, efficiency, and security posture.
  • Disciplined thinker with structured approach to security architecture and strategic planning.
  • Inherent intellectual capability and curiosity to learn complex processes.
  • Proven thought leadership, strategic thinking and decision-making.
  • Must have strong analytical and problem-solving skills with the capability to identify solutions to unusual and complex problems.
  • CISSP certification is strongly preferred.
  • Direct security related AI, networking, infrastructure, cloud, operating system, development, cloud, database experience is required.
  • Must be able to demonstrate proficiency in a wide range of security technologies, embedded security, and network platforms – in a global institution.
  • Ability to balance multiple priorities in high pressure situations.
  • Project, portfolio and resource management experience is required.
  • Must be willing to travel (Domestic and International) as required, but not to exceed 30-40%.
  • Bachelors Degree in Computer Science, Information Technology, Information Systems, or a related discipline. Equivalent experience and/or alternative qualifications will be considered.

Nice To Haves

  • CISSP certification is strongly preferred.

Responsibilities

  • Report to the CISO and lead the strategic execution across a team of security directors, managers, architects, engineers and analysts across multiple security technology disciplines.
  • Define enterprise security architecture strategy, standards, and roadmaps.
  • Embed secure-by-design principles across cloud, applications, data, and AI.
  • Establish reusable design patterns and reduce exception-based approvals.
  • Integrate security into transformation and modernization efforts.
  • Lead Zero Trust security architecture strategy and adoption across identity, network, application, and data layers.
  • Establish reference architectures for multi-cloud and hybrid environments, including CNAPP, CIEM, and data protection controls.
  • Lead engineering and lifecycle management of security platforms and controls.
  • Establish automation-first operations (API, orchestration, policy-as-code).
  • Standardize tooling and reduce manual processes through automation.
  • Improve platform resilience, telemetry, and service performance.
  • Transition to a product and platform-based security engineering model with defined service ownership, SLAs, and performance metrics.
  • Drive rationalization of security tools and vendors to reduce cost and complexity while improving capability coverage.
  • Lead and own overarching IAM strategy and lifecycle governance, including provisioning (joiners), access changes (movers), de-provisioning (leavers).
  • Enhance user access reviews and certifications.
  • Implement, enhance and automate segregation of duties (SoD) monitoring and governance.
  • Design and implement role and entitlement management capabilities.
  • Enable access-related compliance and audit readiness in preparation for continuous control monitoring and assessment in alignment with Governance Risk and Control Function.
  • Ensure least privilege, timely access removal, and reduction of orphaned accounts.
  • Integrate IAM with HR, applications, and enterprise platforms.
  • Enhance privileged access management and management of non-human identities in preparation for advanced agentic AI capabilities.
  • Advance privileged access, machine identity, and non-human identity security in support of automation, cloud, and AI use cases.
  • Implement identity-centric Zero Trust controls and continuous authentication models.
  • Transform vulnerability, attack surface, and application security into a unified CTEM function.
  • Implement continuous, threat-informed prioritization of exposures.
  • Align findings to asset criticality and business risk.
  • Improve remediation effectiveness and reduce exploitable attack paths.
  • Enhance asset visibility, ownership clarity, and dependency mapping.
  • Partner with Security Operations and Security Incident and Response functions to coordinate a unified approach across teams.
  • Establish attack path analysis and exploitability-based risk prioritization to reduce material exposure.
  • Define measurable outcomes such as reduction in attack surface, time-to-remediation, and control effectiveness.
  • Deploy AI and analytics to improve prioritization and decision-making.
  • Automate repetitive security processes and control validation.
  • Enhance reporting, telemetry, and audit evidence generation.
  • Partner with Head of Security AI to establish secure AI lifecycle practices, including model governance, data protection, prompt security, and third-party AI risk management.
  • Partner with Head of Security Operations to leverage AI to enhance threat detection, anomaly identification, and predictive risk analytics.
  • Embed security into the software development lifecycle (SDLC), CI/CD pipelines, and developer workflows.
  • Partner with engineering teams to implement scalable DevSecOps practices and developer-friendly security tooling.
  • Establish a global operating model with clear accountability, service ownership, and capability maturity roadmaps.
  • Develop business cases tied to measurable risk reduction, operational efficiency, and cost optimization.
  • Partner with executive leadership and provide board-level reporting on security posture, risk trends, and investment impact.
  • Establish a product- and platform-based security technology operating model.
  • Define core requirements that evidence demonstrable risk reduction and can be measured using KPIs/KRIs in conjunction with the metrics and analytics program.
  • Drive roadmap, investment prioritization, and tool rationalization.
  • Drive budgetary discipline through management of finances, including the build of defendable business cases.
  • Lead and develop high-performing, multi-disciplinary teams in a positive and respectful capacity leading to high engagement across all disciplines.
  • Organically improve the security posture of the organization by ensuring the incorporation of secure principles into every phase of the design, development, deployment, and operation of systems and solutions.
  • Assess current environment and design a target state architecture with all accompanying diagrams and documentation as required by architecture teams.
  • Provide top-level support as needed on security and operational related issues.
  • Represent information security interests on various project teams and special assignments as directed.
  • Active in a continuous improvement of the existing process, methodologies, technologies and practices.
  • Provide top-level on-call support as required for this type of role, which is factored into the compensation for this role.
  • Partner with Security Operations and Incident Response to improve cyber resilience, recovery readiness, and crisis response integration.
  • Ensure alignment with enterprise risk management and regulatory expectations through continuous control monitoring.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service