Security Officer managing safety and security at Cromwell Hospital and Canary Wharf locations. Responding to security requests and maintaining logs while ensuring compliance with safety regulations.
About the role
- Senior Information Security Engineer leading enterprise-wide cybersecurity initiatives at e.l.f. Beauty. Designing security solutions and collaborating with teams to safeguard systems and data.
Responsibilities
- Design, build, deploy, and maintain enterprise security technologies and solutions aligned with business objectives, compliance requirements, and the cybersecurity program.
- Develop, document, and enforce security policies, standards, and procedures based on frameworks such as NIST, CIS, ISO 27001, and SOX while advancing overall security maturity, governance, and processes.
- Lead strategic security initiatives, including Zero Trust architecture, Data Loss Prevention (DLP), Cloud Security, Network Segmentation, IAM, Endpoint Security modernization, and security automation.
- Manage and improve email security, DNS security, and other protective controls to defend against phishing, malware, data exfiltration, and domain-based threats.
- Lead vulnerability management programs and drive remediation efforts, providing visibility into risks and progress to stakeholders.
- Oversee incident response lifecycle—detection, analysis, containment, remediation, post-incident review—and continuously enhance disaster recovery and business continuity plans.
- Monitor and analyze security events and network activity (e.g., traffic analysis, host behavior, forensics, kill chain, Windows event analysis), tuning tools, and event correlation for accurate threat detection.
- Collaborate with IT, DevOps, and digital teams to embed security into system design, application development, deployment pipelines, and cloud infrastructure.
- Evaluate and review vendor and partner security practices to ensure alignment with organizational standards.
- Produce regular security dashboards and metrics to report on incidents, threats, and operational effectiveness.
- Lead security awareness training, mentor junior engineers, and guide cross-functional teams on secure design principles and best practices.
- Stay current on emerging threats, vulnerabilities, and technologies to enhance enterprise resilience.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or related field; Master’s preferred.
- 7+ years of experience in information security engineering, architecture, or operations.
- Expertise in cloud security (AWS, Azure, GCP), data protection, IAM/SSO/MFA, email and DNS security, and secure network architecture.
- Hands-on experience with key security technologies: firewalls, VPN, NAC, EDR/MDR, IPS/IDS, SIEM, DLP, vulnerability management, and email security platforms (Proofpoint, Mimecast, Microsoft 365 Defender).
- Strong understanding of Zero Trust, endpoint protection, DevSecOps, security automation, and scripting (Python, PowerShell, Bash).
- Proven ability to lead incident response, risk assessments, threat detection, and remediation efforts.
- Experience implementing DNS protection solutions (Cisco Umbrella, Cloudflare, Infoblox, Valimail).
- Knowledge of security frameworks and compliance standards: NIST CSF, CIS Controls, ISO 27001, SOX.
- Demonstrated success in leading security awareness programs, mentoring team members, and advancing security program maturity.
- Relevant certifications preferred: CISSP, CISM, CISA, GIAC, Microsoft Security certifications, AWS Security Specialty, Azure Security Engineer Associate.
- Strong communication, leadership, and ability to manage multiple security initiatives.
Benefits
- bonus eligibility (200% of target over the last six fiscal years)
- equity
- flexible time off
- year-round half-day Fridays
- hybrid 3 day in office, 2 day at home work environment
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Behavioral Health & Security Associate in Peoria providing care and oversight for patients with behavioral health needs. Ensuring a safe environment and effective support for patients and staff.
AI Security Engineer at Prologis focused on securing AI integrations and developing AI security controls. Collaborating with engineering and business teams to promote secure AI practices.
Project Coordinator managing security projects at The Missing Link, ensuring client satisfaction and project deliverables. Coordinating teams and maintaining timelines for project success in the IT field.
Information Security Specialist ensuring optimal protection of data and systems at University of Toronto. Implementing security platforms and best practices for data integrity and threat mitigation.
Loss Prevention Agent responsible for security and loss prevention in logistics facilities. Ensuring safety and protection of property, clients, employees, and guests within the workspace.
Analyst Relations Manager shaping market understanding of Upwind's innovative cloud and AI security platform. Leading relationships with industry analysts to enhance visibility, credibility, and category leadership.
Senior Threat Modeller enhancing cybersecurity threat modeling for RBC. Collaborating with diverse teams to improve and implement secure by design principles across the enterprise.
Sr Network Security Engineer designing security architectures and leading security initiatives for RBC. Collaborating across teams to deliver multi - layered security solutions and mentoring team members in engineering best practices.
Senior Security Engineer supporting security engineering and SIEM administration at Ardent. Focused on improving threat detection and response within vSOC environments in Washington, D.C.