VP, Security Engineering

About the role

We are looking for a senior security engineering leader to shape and advance enterprise‑wide security capabilities. The role translates the organization’s cybersecurity strategy into scalable, engineering‑driven solutions across identity, cryptography, zero‑trust, data protection, and cloud security.

Key responsibilities

• Design, engineer, and implement enterprise security solutions covering IAM, cryptographic key management, zero‑trust architecture, security hardening, DLP, and cloud security controls.
• Drive adoption of zero‑trust principles across identity, network, and application layers, ensuring least‑privilege access and strong authentication.
• Oversee IAM capabilities such as SSO, MFA, PAM, and fine‑grained access controls (RBAC/ABAC).
• Establish cryptographic and key‑management frameworks for secure handling of keys, certificates, and secrets.
• Strengthen data protection through classification, encryption, and DLP across endpoints, networks, and cloud platforms.
• Define and enforce security hardening standards and baseline configurations for infrastructure, endpoints, and cloud environments.
• Lead cloud security engineering, including CSPM, container security, workload protection, and secure cloud architecture patterns.
• Integrate security into DevSecOps pipelines, embedding SAST/DAST, secrets management, and secure deployment practices.
• Partner with architecture and engineering teams to embed security controls into platform design and technology standards.
• Run PoC and PoV initiatives for emerging security technologies.

Required profile

• Bachelor’s degree in Computer Science, Information Security, Engineering or a related field.
• 8‑15 years of cybersecurity experience, preferably in banking or other regulated environments.
• Proven expertise across IAM, cryptographic key management, zero‑trust architecture, security hardening, DLP, and cloud security.

Required skills

• Identity and Access Management (IAM)
• Single Sign‑On (SSO)
• Multi‑Factor Authentication (MFA)
• Privileged Access Management (PAM)
• Role‑Based Access Control (RBAC) / Attribute‑Based Access Control (ABAC)
• Cryptographic Key Management, Certificates, Secrets Management
• Data Classification and Encryption
• Data Loss Prevention (DLP)
• Security Hardening and Baseline Configurations
• Cloud Security Posture Management (CSPM)
• Container Security and Workload Protection
• Secure Cloud Architecture
• DevSecOps, CI/CD Pipelines
• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)