Position Summary
We are seeking an experienced Security Delivery Lead to design, implement, and manage end-to-end security solutions across applications, infrastructure, and operations. This role will be responsible for creating security architecture blueprints, leading teams to execute security projects, and ensuring compliance with enterprise and industry standards. The candidate should have a strong background in security solution architecture, hands-on technical expertise in multiple cyber domains, and proven leadership capabilities in security delivery.
Key Responsibilities
Security Architecture & Design
- Design security architecture blueprints covering DevSecOps, applications, infrastructure, and operational security.
- Define processes, provisioning models, and integration points, and provide recommendations to strengthen security posture.
Team Leadership & Delivery Management
- Develop project work plans, assign tasks, and drive delivery teams to completion.
- Ensure timely resolution of security findings and risk mitigation.
Vulnerability & Threat Management
- Lead and execute security scanning and testing activities including HCR, NVA, Penetration Testing, SAST, and DAST.
- Oversee remediation and closure of identified vulnerabilities.
Technology Implementation & Operations
- Implement and operationalize enterprise security tools (HSM, EDR, DLP, antivirus, monitoring platforms).
- Manage and secure container orchestration environments (OpenShift, CloudFoundation, Kubernetes).
- Secure enterprise Big Data architectures with role-based access control, DLP, monitoring, and reporting tools.
Operational Security
- Oversee OS-level and application-level patching, housekeeping, archival, and server/application hardening.
- Enforce organizational security policies (e.g., IM8).
Product Expertise (preferred tools)
- Thales CipherTrust & HSM.
- Digital Guardian DLP Product Suite.
- VMware Carbon Black EDR.
- Trend Micro Deep Security.
- Tenable Nessus, Burp Suite Enterprise.
Required Qualifications
- Minimum 5 years of experience as a Security Solution Architect.
- Professional certifications such as CISSP, CCSP, CCSK (or equivalent).
- Specialization in 12 cyber domains (e.g., Identity & Access Management, Cloud-native Security, Container orchestration security) with broad knowledge across other domains.
- Strong leadership and stakeholder engagement skills.
Good-to-Have Skills (Optional)
- Experience with government security standards, including SSAT, Security Compliance Checks, Vulnerability Scanning, DAST & SAST.
- Ability to articulate and defend security posture to ACISO and senior stakeholders.
- Hands-on experience with cloud-native security tools and environments.