• Utilizes a deep understanding of the threat landscape and risk to build security into products and new features
• Partners with and advise engineering, product, and risk teams on security best practices and help shape the endpoint security strategy for the firm
• Works with vendors to escalate problems and receive timely resolutions
• Enables product strategy and keep the firm safe by analyzing complex data systems, anticipating problems, and finding ways to mitigate risk
• Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
• Defines the technical target state of their cybersecurity product and drives achievement of the strategy
• Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
• Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
• Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies. Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience
• Good understanding of industry frameworks like MITRE ATT&CK, NIST, CIS etc.
• Hands-on experience with infrastructure attacks, including familiarity with red teaming techniques, tradecrafts and tools.
• Ability to make informed decisions related to risks, exclusions and assess scenarios from an attack-centric approach
• Ability to lead and drive meetings with global teams when there is a need
• Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
• Proficiency in automation and continuous delivery methods
• Practical cloud native experience. Experience effectively communicating with senior business leaders

Preferred qualifications, capabilities, and skills

• Offensive Security skills such as Penetration Testing and/or Security certifications from reputed bodies
• Demonstrable development/scripting/automation experience in at least one of Java, Python, Go, PowerShell
• Knowledge in public cloud environments such as AWS and any relevant certifications
• Prior experience in Threat Modeling
• Thorough knowledge of network protocols
• Willingness to learn and drive to excel

NA