Senior Manager overseeing Security Risk Management at First American. Leading enterprise policies, third-party vendor security, and security strategy execution.
Responsibilities
Lead the lifecycle management of enterprise Information Security policies, standards, baselines, and guidelines
Ensure alignment with regulatory requirements, industry frameworks (e.g., NIST CSF, ISO 27001), and internal risk posture
Oversee periodic reviews, updates, and governance activities for all security documentation
Lead the enterprise Information Security–focused TPRM program, ensuring all third parties with access to corporate data, systems, or facilities undergo rigorous security risk assessments
Maintain assessment methodologies centered on security controls, including data protection, access management, vulnerability management, encryption practices, incident response maturity, and cloud security posture
Oversee due diligence processes, security questionnaires, evidence reviews, attestations (SOC 2, ISO 27001, penetration tests), and follow‑up remediation activities
Partner with Procurement, Legal, and business stakeholders to ensure contracts include appropriate security obligations, such as breach notification requirements, minimum security standards, and right‑to‑audit language
Monitor ongoing vendor security risk through periodic reassessments, continuous monitoring tools, and threat intelligence related to third‑party ecosystems
Deliver metrics and executive‑level reporting on the security posture of third parties, highlighting emerging risks, systemic gaps, and required remediation actions
Support the development and execution of the long‑term security strategy
Partner closely with cross‑functional business teams and IT leadership to ensure security strategy aligns with organizational goals, technology roadmaps, and operational priorities
Provide expert insight into risk-based prioritization, investment planning, and roadmap development
Monitor regulatory, threat, and technology trends to inform strategic decisions
Oversee the enterprise security awareness program, including phishing simulations, mandatory training, campaigns, and targeted education for high‑risk groups
Requirements
8+ years of experience in Information Security, Risk Management, Compliance, or related fields
3+ years in a leadership role
Strong knowledge of security frameworks (NIST, ISO, SOC 2, CIS), risk methodologies, and regulatory requirements
Experience leading enterprise policy programs and vendor risk management activities
Proven ability to collaborate and influence across all levels of the organization
Excellent written and verbal communication skills with the ability to influence stakeholders, present to executives, and simplify complex risk topics
Security Design Lead in Rabobank's cybersecurity team, designing secure technology solutions for food & agribusiness banking. Collaborating across teams to ensure robust security implementations.
Identity Security Posture Management Specialist enhancing identity security posture at Kemper Insurance. Collaborates across teams to tackle identity risks and compliance challenges in a high-performing culture.
Principal Architect developing cybersecurity strategy for Ensemble's technology-enabled revenue cycle management solutions. Focus on securing cloud architectures and ensuring information assurance in healthcare.
Zscaler Engineer responsible for maintaining cybersecurity tools and developing integrations at HP. Collaborating across teams to enhance data loss prevention strategies and monitor industry threats.
Designer developing comprehensive application solutions for security systems at Johnson Controls. Collaborating on technical sales support and large-scale integrated electronic security systems.
Analyst role supporting Epic Security & Configuration at Acrisure, ensuring application functionality and troubleshooting issues. Collaborating with teams for configuration and security in Applied Epic systems.
Security Detection & Response Engineer for Flutter Entertainment developing security detection frameworks. Collaborating with global teams to enhance cybersecurity operations in complex, multi-cloud environments.
Specialist Software Design Verification Engineer in Cybersecurity at Solventum. Responsible for software verification, testing processes, and compliance with medical device regulations.
Lead defensive threat research on generative and agentic AI systems at RBC. Identify emerging threats and develop proof-of-concept exploits to enhance AI security.
Entry-level role in information security at Applied Materials, managing technologies and assisting in compliance with security standards. Contributing to the development of awareness and training.