We are seeking a highly experienced and visionary Information Security Group Leader. As a part of this role, you will define strategy and roadmap, design and implement scalable controls, and ensure robust protection of enterprise systems, applications, and data across on‑prem, hybrid, and cloud environments.
This role requires deep technical expertise, risk-based decision-making, and the ability to drive security outcomes through cross-functional partnership with IT, R&D, and business stakeholders.
This role combines strategic leadership, hands-on technical expertise, and cross-functional collaboration to continuously reduce risk, improve detection and response, and enable the business to move fast while meeting security and compliance obligations.
What will you do?
Security Leadership & Operations
Manage and mentor a team of security professionals, set objectives, develop skills, and build a high-performing, service-oriented security function.
Lead risk assessments and threat modeling for infrastructure and applications; drive remediation plans and risk acceptance decisions.
Oversee security operations, monitoring, and incident response in partnership with internal teams and service providers.
Define KPIs/KRIs and report security posture to leadership; manage budget, tools lifecycle, and security vendor relationships.
Security Architecture & Design
Define and maintain enterprise security architecture across applications, network, endpoints, identity, and core infrastructure.
Requirements:
Experience: 10+ years in information security, IT, and/or security architecture, with demonstrated leadership across security operations, infrastructure, and cloud environments.
Expertise:
Security frameworks and risk management (e.g., NIST CSF/800-53, ISO 27001, SOC 2), including control ownership and audit readiness.
Cloud security for AWS/Azure/GCP and hybrid architectures (identity, network, logging/monitoring, workload protection, CSPM/CWPP concepts).
Advanced networking and network security (firewalls, segmentation, SD-WAN, Zero Trust, VPN/secure remote access, DNS security).
Virtualization (Nutanix, VMware).
Storage systems (NetApp).
Identity & Access Management (SSO, MFA, PAM, lifecycle automation) and strong authentication/authorization patterns.
Application Security and DevSecOps (secure SDLC, code review practices, SAST/DAST, dependency and container security, CI/CD integrations).
Vulnerability management (scanning, prioritization, patching governance) and security hardening for endpoints, servers, and cloud workloads.
Security operations tooling and processes (SIEM, SOAR, EDR/XDR), logging strategy, detection engineering, and incident response.
Proven ability to lead through influence, driving a security-first culture across IT and business units while navigating complex organizational changes.
A track record of building high-performing teams by fostering a culture of continuous learning and clear career pathing for security professionals.
Exceptional ability to translate complex technical risks into business-impact narratives for leadership.
Strong "leader-as-a-partner" mindset, balancing security requirements with the need for business agility and speed.
Proficiency in developing security frameworks for the safe adoption of Generative AI and LLMs.
Certifications: CISSP and/or CISM, cloud security/architecture certifications (AWS/Azure/GCP) or equivalent experience.
Skills:
Strong analytical and problem-solving skills.
Strategic thinker with the ability to translate long-term vision into practical execution.
Comfortable navigating ambiguity and balancing competing priorities.
Genuine interest in emerging technologies, including AI and security automation.
Results-oriented with strong focus on measurable outcomes.
Excellent written and verbal communication, stakeholder management, and program/project management.
This position is open to all candidates.