CISO managing information security and privacy governance at Puzzel, a leading cloud - based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
About the role
- BISO for Cloud Computing implementing strategies for security governance and risk management. Collaborating with teams to secure AWS environments and improve security practices.
Responsibilities
- Driving information, cyber, and infrastructure security governance across all business and technology units, ensuring alignment with enterprise cybersecurity programs, objectives, and regulatory requirements
- Serving as the primary liaison between Business Units, Cloud Engineering, and the Cyber Security organization to embed security awareness and best practices into AWS cloud operations, CI/CD pipelines, and DevOps workflows
- Leading cloud security oversight for AWS environments, including configuration management, identity and access controls, encryption, and compliance with organizational policies and industry standards (ISO 27001, NIST, SOC 2)
- Managing and coordinating technical risk assessments — including vulnerability scanning, penetration testing, and application risk reviews — to ensure secure deployment across cloud and hybrid infrastructures
- Overseeing the security posture of CI/CD pipelines (Jenkins, GitHub Actions, or similar), integrating automated scanning tools and secure code validation into build and deployment processes
- Collaborating with DevOps and Infrastructure teams to define and implement secure-by-design practices for containerized workloads, Kubernetes clusters, and AWS-native services (EKS, EC2, S3, Lambda)
- Defining and executing a risk-based information and infrastructure security strategy, including setting measurable goals, developing security training programs, and creating roadmaps for improving DevSecOps maturity
- Developing and report cybersecurity metric scorecards to track compliance with enterprise standards, vulnerability remediation progress, and adoption of security controls across business and cloud environments
- Providing expert guidance on security architecture decisions, evaluating new tools and technologies for impact on cloud environments, automation frameworks, and enterprise security strategy
- Leading cross-functional security initiatives to ensure business innovation aligns with secure architecture principles, risk management standards, and ongoing governance frameworks
Requirements
- Possess a strong proficiency with AWS services (EC2, S3, IAM, Lambda, CloudTrail, CloudWatch, KMS, GuardDuty, Security Hub, WAF, etc.)
- Have the ability to design secure, scalable cloud architectures with proper identity, access management, and network segmentation
- Experience with AWS Config, AWS Control Tower, or Terraform for compliance automation and infrastructure as code (IaC)
- Possess an understanding of Kubernetes (EKS), Docker, and container image scanning tools
- Hands-on experience integrating security controls into Jenkins, GitHub Actions, or GitLab CI pipelines
- Familiarity with code scanning tools (Snyk, SonarQube, Checkmarx, or Veracode) and dependency management
- Scripting proficiency (Python, Bash, or PowerShell) to automate security testing and compliance checks
- Experience implementing vault solutions (HashiCorp Vault, AWS Secrets Manager)
- Ability to translate technical risks into business terms for senior stakeholders and non-technical leaders
- Experience partnering with IT, Cloud, and Business Units to embed security in strategic initiatives
- Leading security programs, tracking KPIs/metrics, and ensuring timely delivery of remediation plans
- Designing and delivering cybersecurity awareness programs tailored to business functions
Benefits
- Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
- Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
- Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
- Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
- Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
- Health Savings, Health Care, Dependent Care and Commuter Spending Accounts
- In addition to annual Paid Time Off, we offer up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice
Job title
Job type
Experience level
Salary
Degree requirement
No Education Requirement
Tech skills
Location requirements
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high - quality technical support and manage IT security policies.
Senior Security Officer responsible for security and safety duties in acute care settings. Providing armed presence and response, coordinating with law enforcement as required.
Security Officer overseeing sensitive information protection and compliance with regulations. Collaborating with internal teams ensure security policy implementation and risk management under EU standards.
Technical consultant addressing information security risks for USAA and guiding strategic security direction. Leading peers in assessing security strategies and educating on best practices.
Technical Recruiter for BGS managing recruitment of Cybersecurity and IT professionals. Collaborating with technical teams to identify skill requirements and enhance talent acquisition processes.
Security and Privacy SME at Dynanet Corporation responsible for data management compliance and governance guardrails. Ensuring secure data handling and adherence to federal regulations.
PAM Manager responsible for strategy, roadmap, and operations of PAM program at Intact. Leading a team to safeguard privileged identities and secrets across various environments.
Senior Cybersecurity Vulnerability Management Versatilist at Boeing. Protecting the IT ecosystem by innovating vulnerability management solutions and leading security initiatives.
Entry level Associate Security Engineer at Navy Federal securing technical infrastructure and workloads with operational capabilities and threat monitoring practices.