Senior Manager, Information Security Architecture & Engineering
US | Full-Time | Manager
Salary: 166,400 - 266,200 USD per year
Job Details
- Experience: 10+ years
- Required Skills: AWS, GCP, Azure
Requirements
- 10+ years of experience in information security, including security architecture, application security, or infrastructure security roles.
- Strong expertise in cloud security environments (AWS, Azure, or GCP) and DevSecOps practices.
- Proven experience designing and implementing secure software development and CI/CD-integrated security controls.
- Deep understanding of vulnerability management, threat modeling, and security testing methodologies.
- Experience leading or influencing globally distributed teams across multiple time zones.
- Strong ability to communicate complex security concepts to engineering, technical, and non-technical stakeholders.
- Familiarity with security frameworks and regulations such as NIST CSF, PCI-DSS, GLBA, or equivalent standards.
- Hands-on experience with identity and access management, encryption, authentication, and monitoring systems.
- Bachelor’s degree in Computer Science, Information Security, or a related field.
Responsibilities
- Define and maintain enterprise security architecture frameworks ensuring secure-by-design principles across applications, infrastructure, and data systems.
- Partner with engineering, DevOps, and platform teams to embed security into SDLC, CI/CD pipelines, and cloud environments.
- Lead and continuously improve vulnerability management programs, ensuring risk-based prioritization and remediation across assets.
- Oversee security design review processes for new and evolving systems, ensuring consistent and scalable security assessment practices.
- Promote security-as-a-service models that enable developers to build and deploy securely with minimal friction.
- Act as a trusted advisor to engineering and technology leadership on security risks, architecture decisions, and best practices.
- Collaborate with GRC teams to align technical controls with regulatory, compliance, and business requirements.
- Champion a security-first culture by embedding awareness, standards, and accountability across technical teams.
- Drive improvements in identity, access management, encryption, logging, monitoring, and data protection architectures.