Job Description
We are looking for candidates with 12 years of experience for this role.
Responsibilities include
Security Project Delivery
Own the full delivery lifecycle (charter, plan, execute, measure, and close) for the firm's enterprise security project portfolio.
Lead simultaneous workstreams across DLP, PAM, password management, pentesting, and access reviews, ensuring on-time and on-budget execution.
Establish project governance cadences, status reporting, RAID logs, and steering-committee presentations for each initiative.
Drive outcomes through matrixed teams, holding both direct contributors and cross-functional stakeholders accountable without direct authority.
Data Loss Prevention (DLP)
Architect and deploy enterprise DLP policies across endpoints, email, cloud (M365 / Microsoft Purview), and network egress points.
Define data classification schemas in partnership with Legal, Compliance, and business-unit leadership.
Tune DLP rules to reduce false-positive rates while maintaining strong coverage for PII, client data, and proprietary information.
Establish incident response workflows for DLP policy violations and produce metrics for executive reporting.
Privileged Access Management (PAM)
Lead the enterprise rollout and ongoing governance of PAM platforms (e.g., CyberArk, BeyondTrust, or equivalent).
Define vaulting, session-recording, and just-in-time access policies for on-premises, cloud, and hybrid infrastructure.
Drive adoption by engaging with Infrastructure, Cloud, and application teams as internal customers of PAM controls.
Continuously evaluate PAM coverage gaps and close them through structured roadmap initiatives.
Password Management
Design and enforce enterprise password management strategy across workforce (e.g., 1Password, Bitwarden) and privileged accounts.
Integrate password management tooling with SSO, MFA, and identity governance platforms.
Champion password hygiene awareness and embed credential security controls into the onboarding/offboarding lifecycle.
Penetration Testing & Vulnerability Management
Manage the firm's penetration testing program (scope, vendor selection, scheduling, findings triage, and remediation tracking).
Coordinate internal red-team / purple-team exercises and translate findings into actionable remediation roadmaps.
Partner with the Infrastructure and Application teams to validate remediation closure and verify control effectiveness.
Produce executive-grade pentest summaries and trend reporting for CISO, CTO, and board-level audiences.
Access Reviews & Identity Governance
Design and operationalize a continuous access review program across on-premises AD, Entra ID (Azure AD), and key SaaS applications.
Automate access certification workflows using IGA platforms (e.g., SailPoint, Saviynt, or equivalent).
Partner with HR, Compliance, and application owners to enforce role-based access control (RBAC) and least-privilege principles.
Support internal and external audit requirements (SOX, PCAOB) with evidence packages from access review cycles.
Stakeholder Engagement & Communication
Serve as the primary security liaison to business-unit leaders, ensuring security initiatives are understood as business-enablers.
Present program status, risk posture, and project outcomes to C-suite and board stakeholders in clear, non-technical language.
Collaborate closely with Legal, Compliance, Internal Audit, HR, and Finance to align security projects with regulatory obligations.