Cybersecurity Lead

Description

• Lead vulnerability management, penetration testing coordination, and incident response processes.
• Work closely with DevSecOps and Network Engineering teams to embed security into CI/CD pipelines, infrastructure deployments, and operations workflows.
• Drive adoption of Zero Trust principles and advanced IAM solutions.
• Manage and evaluate third-party security vendors, tools, and managed services partners.
• Partner with the Senior Director of IT Strategy & Operations and Chief of Staff (PMO Head) to strengthen security governance and accountability practices.
• Conduct regular enterprise risk assessments, security audits, and control testing to ensure compliance with regulatory and industry standards.
• Design and execute cloud security controls across Azure, GCP, and hybrid environments.
• Prepare and present security posture updates, risk dashboards, and compliance reports to leadership and governance committees.
• Develop and implement the enterprise cybersecurity roadmap aligned with business, operational, and regulatory objectives.
• Establish, maintain, and continuously improve security policies, standards, and frameworks (NIST, CIS, ISO 27001).
• Support secure integration of applications, APIs, identity platforms, and data systems.
• Collaborate with the BI & Data COE to establish secure data governance, data access controls, and Lakehouse/Fabric security architectures.
• Serve as a security advisor to senior leadership on emerging threats, vulnerabilities, and risk mitigation strategies.

Requirements

• 5+ years of progressive cybersecurity experience, with demonstrated ownership of architecture, risk, or security operations domains.
• This role requires the ability to perform fine motor tasks, such as typing or using a mouse, for extended period of time.
• Experience with security frameworks and compliance requirements (NIST, CIS, ISO 27001, SOC 2, GDPR).
• Hands-on experience with SIEM, EDR, IAM, and vulnerability management tools.
• This role requires the ability to sit and work at a desk for extended periods of time, using a computer and other office equipment.
• Strong communication skills with the ability to translate technical findings into business-oriented recommendations.
• Strong working knowledge of cloud security (Azure, GCP), network security principles, and DevSecOps practices.
• Certifications such as CISSP, CISM, CCSP, or equivalent.
• Must be authorized to work in the United States.
• This role requires occasional travel up to 10% of the time for activities such as out-of-town meetings, training, or outreach activities.
• Ability to operate autonomously with high accountability and cross-functional influence.
• Bachelor’s degree in Cybersecurity, Information Technology, or related field (Master’s preferred).
• Experience with Microsoft Fabric, Lakehouse security models, and API security.

Benefits

• Paid Life Insurance, medical plans, PTO, holidays.
• 401(k) with match.
• This is eligible for an annual discretionary bonus target of 10% of base compensation.
• Base pay is paid at an annual salary rate. The range for this position is $115,000 to $140,000 depending on experience.
• Dental and vision options.

Training + Development

Interview process

Visa Sponsorship

Security clearance