• Provide security expertise to deliver the digital security strategy.
• Act as the first point of contact for customer teams.
• Own the implementation and application of relevant operating processes and procedures, ensuring all activities adhere to established security standards.
• Promote and build awareness of internal and external technology developments, delivering process and system improvements.
• Champion the safety of people and customers as the highest priority.
• Promote a philosophy of operational safety and ensure that architectures, designs, and processes enhance and improve digital security.
• Engage with colleagues and business stakeholders to support those working across multi-functional teams.
• Help teams grow and deliver agile and commercially beneficial solutions, while delegating effectively, inspiring others, and working proactively alongside the team.
• Share expertise and mentor the team to develop a sustainable culture and engagement within IS.
• Collaborate cross-functionally on IS-related topics, including supporting the sales team in their meetings.

Skills: Cybersecurity Strategy, Incident Response, Security Operations, Risk Compliance, Stakeholder Engagement, Process Improvement, Agile Leadership, Team Mentorship

• Conduct security assessments on enterprise business and infrastructure applications based on industry standards such as NIST, ISO, and SANS Critical Security Controls.
• Deliver assessment reports detailing observations and associated recommendations.
• Provide independent or internal reviews of security controls and information systems.
• Identify and evaluate technology risks, controls that mitigate risks, and related opportunities for control improvements.
• Provide actionable recommendations to guide technical and business teams in meeting security and compliance standards and bolstering cybersecurity controls.
• Leverage and build on security assessment processes and tools to review security controls.
• Provide advisory services to business application owners and infrastructure application owners on security control gaps and guide the remediation process.
• Display strong technical security aptitude with IT Security.
• Assist in responses to security incidents and the investigation of security breaches, and provide associated information.

Skills: Security Assessments, Risk Evaluation, Control Reviews, Compliance Standards, Advisory Services, Incident Response, Technical Security, Remediation Guidance

• Undertake ad hoc security testing of web applications and infrastructure.
• Hunt and monitor cybersecurity solutions for indicators of compromise (IoCs) and anomalous activity.
• Provide advice and guidance on how to minimise the impact of threats to assets and services and support business initiatives.
• Provide subject matter expertise for development teams in secure application development and remediation of security test findings.
• Monitor and manage technical cybersecurity solutions against defined performance KPIs.
• Continuously identify opportunities to improve technical cyber risk management controls.
• Actively identify inefficiencies and champion the adoption of new controls, technologies, and approaches to meet business needs and manage risk.
• Help shape and support the delivery of the Cyber Strategic plan and policies, including the definition and evolution of security controls and associated KPIs.
• Work with other teams to help inherently secure architect solutions.

Skills: Security Testing, Threat Monitoring, Risk Advisory, Secure Development, Solution Management, Control Improvement, Cyber Strategy, Secure Architecture

• Take overall responsibility for security assessments and testing activities, deliverables, change management, and resources across various programs.
• Manage the security testing program across all projects driven by security, as well as those dependent on security.
• Deliver all internal cybersecurity projects on time, within budget, and to the required quality.
• Align resources between the first line and the infosec teams when delivering operational-based projects.
• Oversee the security handoff process to service and operational teams.
• Develop mitigation plans to support identified project risks.
• Manage third-party integration plans and risks across security projects.
• Own and drive security project and portfolio governance with both internal security teams and the wider portfolio management team.
• Manage the budget and cost attributes for each project until handoff, including vendor cost management during the project lifecycle.
• Matrix manages all project-related resources for testing and release management.
• Manage stakeholder relationships and fulfill communications requirements for projects.
• Own the reporting and tracking of prioritization, resolution, and escalation for security risks and issues.

Skills: Security Program Management, Project Delivery, Risk Mitigation, Resource Alignment, Vendor Management, Governance Oversight, Stakeholder Communication, Budget Management

• Continually review security management processes within the area and seek improvements across the group function.
• Drive liaison with wider internal delivery units to ensure information security principles are progressively embedded in day-to-day operations.
• Provide expertise to colleagues and customers in Information Security and other IT functions on policies, standards, procedures, guidelines, and efficient use of tools and technologies.
• Chair security working group meetings and advise customers and ISPs on security risks and the current security posture.
• Utilize knowledge of the customer and the company’s service catalogue to offer additional services and add value, liaising with the pre-sales community.
• Support security managers, customer stakeholders, and internal delivery units during escalations or security incidents.
• Effectively manage a professional team of customer-facing security managers.
• Manage staff performance and identify training and development plans in line with departmental objectives.
• Conduct recruitment and selection activities using existing HR processes and preferred suppliers.
• Oversee effective management of overall skills and capability mix within the team to meet business requirements.

Skills: Process Improvement, Security Embedding, Policy Advisory, Risk Advisory, Service Enablement, Incident Support, Team Leadership, Talent Development

• Advise the portfolio of companies on all aspects of information security and build the initial security solutions before transitioning ongoing support and maintenance to the individual companies.
• Advise on application testing, penetration testing, securing Azure and AWS applications, risk assessments, audits, compliance, and incident response programs.
• Learn and adapt to a wide range of tech stacks, tools, and technologies through collaboration across businesses.
• Perform hands-on security tests for web applications, APIs, and mobile apps.
• Create and implement cybersecurity policies and recommend security improvements across the portfolio of companies.
• Work with C-level executives and train team members on security practices.
• Ensure effective development and delivery of end-user security awareness training, reporting, and performance metrics.
• Deliver security metrics reporting to provide senior leadership with clear visibility of security posture and risks.
• Stay current with new automotive, machine learning, and autonomous vehicle market trends and best practices.
• Generate thought leadership, insights, and recommendations to improve security and streamline processes.

Skills: Security Solutions, Penetration Testing, Cloud Security, Risk Compliance, Policy Development, Executive Advisory, Awareness Training, Security Metrics

• Develop and execute a full-lifecycle information security strategy that aligns with short, medium, and long-term objectives.
• Design, develop, and oversee the performance of information security operations for all IT infrastructure and enterprise applications across multiple locations, remote employees, and deployed autonomous systems.
• Identify unaddressed security needs and deploy technologies and solutions to maintain parity with autonomous vehicle industry benchmarks.
• Partner across the organization to ensure information security techniques and technologies are designed into products and operations from the earliest stages.
• Prepare and present accurate and timely information verbally and in writing to respond to audits and inquiries, and foster a proactive culture aligned with internal policy and regulatory requirements.
• Oversee the management of information security tools, contracts, documentation, standards, and processes to create a sound, sustainable, and compliant operating environment.
• Provide security expertise and direction for enterprise applications supporting finance, sales, operations, and quality teams.
• Assess and identify security control needs for sensitive and regulated data, and refine and oversee compliance programs aligned with regulatory and international standards such as ISO 27001 and SOC 2.
• Develop and drive security risk analysis, mitigation, and remediation plans, and design and lead security incident response and recovery efforts.
• Evolve the organization’s capability to monitor threats and vulnerabilities, and detect, investigate, respond to, and recover from incidents.
• Own all documentation, processes, and training related to disaster recovery capabilities.

Skills: Security Strategy, Operations Oversight, Risk Management, Compliance Programs, Secure Design, Incident Response, Threat Monitoring, Disaster Recovery

• Develop and execute security controls, defenses, and countermeasures to intercept and prevent internal or external attacks.
• Design security solutions that maintain security and compliance within public cloud environments while ensuring alignment of technology to business strategy.
• Develop and implement creative security architectural approaches that apply proper security controls to meet both ongoing and emerging threats.
• Guide the secure configuration of systems and services exposed to Internet sources, as well as on all automotive cloud-related projects.
• Serve as the subject matter expert on cloud security across infrastructure and application environments, and guide the establishment of security settings and policies.
• Perform security functions such as cloud architecture reviews, threat modeling, code and configuration reviews, and incident response.
• Identify risks and guide remediation of gaps to support a hardened and sustainable cloud environment.
• Lead all security efforts for the integration of infrastructure and business solutions with automotive cloud environments.
• Administer cybersecurity policies to control physical and virtual access to systems.
• Perform network security audits and testing, and evaluate system security configurations to ensure efficacy and compliance with policies and procedures.

Skills: Cloud Security, Security Architecture, Threat Modeling, Secure Configuration, Risk Remediation, Incident Response, Network Security, Compliance Management

• Partner with IT, Legal, HR, and other business units to manage and implement information security controls across global Applied Materials locations.
• Research observed and noteworthy threats using open sources, proprietary sources, and vendor-provided intelligence.
• Provide actionable recommendations to extended teams within Applied Materials to strengthen cybersecurity efforts.
• Monitor internal and external threat landscapes to update strategy and the intellectual protection program roadmap.
• Conduct penetration testing and vulnerability assessments of applications, operating systems, and networks.
• Respond to cybersecurity breaches by identifying intrusions, isolating threats, blocking attacks, and removing unauthorized access.
• Provide management with information on the business impact caused by theft, destruction, alteration, or denial of access to information and systems.
• Deliver periodic reports to the management team and key stakeholders.
• Build partnerships with industry peers and government agencies to understand security requirements and advise management.
• Work with IT security domains, including enterprise firewalls, identity management, endpoint security technologies, web and email security, and server application monitoring and analysis.

Skills: Security Controls, Threat Intelligence, Vulnerability Assessment, Penetration Testing, Incident Response, Risk Reporting, Stakeholder Collaboration, Identity Management

• Ensure that Information Security policies, related standards, and guidelines are maintained and applied effectively across the business and systems.
• Establish and manage an organization-wide information security management program to ensure information assets are adequately protected.
• Develop the Information Security Strategy and Cyber Training & Awareness Program in conjunction with senior leadership.
• Monitor security vulnerabilities and malicious activity using the organization’s security incident and event management tools.
• Conduct compliance audits and reviews, and report results to senior leadership and governance committees.
• Manage and provide leadership to the information security analyst.
• Identify and evaluate top human risks to the organization and the behaviors that must change to mitigate those risks.
• Develop, review, implement, and maintain a security awareness program to address human risks in the operating environment.
• Create and manage a metrics framework that measures employee compliance with information security policies and the overall effectiveness of the security awareness program.
• Establish and maintain an understanding of employee awareness across the organization.
• Define and manage a key stakeholder map (RACI or equivalent) and deliver monthly updates to the team on communication activities.
• Act as the bridge between digital security and communications and advocacy functions, attend communications meetings on behalf of the team, and ensure alignment and impact of communications to the client.

Skills: Policy Management, Security Program, Cyber Awareness, Threat Monitoring, Compliance Audits, Team Leadership, Risk Mitigation, Stakeholder Communication

• Experience as a Data Security Engineer, leading security teams.
• Proven experience performing analysis of security events to determine root cause and provide resolution.
• Knowledge of various security methodologies and processes, and technical security solutions.
• Basic knowledge of Data Loss Prevention/Leakage tools, Data Classification tools.
• Experience securing cloud platforms (AWS, Azure, GCP), including IAM, encryption, and cloud-native security controls.
• Practical experience in containment, eradication, recovery, and digital forensics during security incidents.
• Strong research and analytical skills, especially with respect to event classification, event correlation, and root cause analysis.
• Excellent communication, problem-solving, and organizational skills.
• Stay effective under pressure and quickly adjust to evolving threats or shifting priorities.
• Able to build strong cross-functional relationships with IT, legal, compliance, and business teams to align security with business goals.

Qualifications: BS in Information Systems with 6 years of Experience

• Knowledge of information security fundamentals.
• Understanding of modern cloud infrastructure and effective approaches to managing it (e.g., AWS, Heroku, monitoring tools).
• Understanding of SaaS-focused tooling for employees (e.g., Salesforce, Google, Catalyst, Notion).
• Strong communication and leadership skills.
• Familiarity with governance frameworks and certifications such as SOC2.
• Experience identifying potential attack vectors, assessing vulnerabilities, and prioritizing risks to critical assets.
• Hands-on work with role-based access control, SSO, MFA, and privileged access management.
• Experience in developing and executing playbooks for handling breaches and ensuring business continuity.
• Ability to evaluate complex security scenarios and make sound, timely decisions.
• Strong focus on accuracy when reviewing logs, policies, and configurations.
• Good time management skills, prioritizing multiple security projects and incident response efforts efficiently.

Qualifications: BS in Computer Networking and Security with 5 years of Experience

• Experience in security with a focus on delivery, project management, and information security governance.
• Strong understanding of cyber resilience planning and incident management.
• Demonstrative experience managing large, complex security projects and programs.
• Experience working with third parties and handling challenging relationships with diplomacy and balance.
• An individual who enjoys taking the lead and producing quality work with minimal guidance.
• A mindset that considers solutions before presenting challenges
• An ambitious, career-driven person.
• A good understanding of security methodologies, NIST, SANS, or other ISMS.
• Strong analytical and reporting skills.
• Ability to effectively communicate both technical and non-technical security value and risk.
• Aptitude for assessing security-related issues and requirements from both a business and infosec perspective.
• Excellent planning, organisational, and problem-solving skills.

Qualifications: BS in Data Science with 10 years of Experience

• Detailed knowledge of core practices in Information Security, Risk, and Controls with experience in technology risk and control programmes.
• Experience working in end-user roles, preferably in financial services.
• Understanding of risk and control principles.
• Experience with industry control frameworks, such as NIST SP 800-53, ISO 27002, and CIS Controls.
• Detailed knowledge of technical security safeguards.
• Experience in assessing and managing security risks associated with external vendors, partners, and supply chains.
• Can apply security controls and compliance requirements specifically for cloud environments (AWS, Azure, GCP).
• Practical experience aligning security practices with financial regulations such as SOX, GDPR, or PCI-DSS.
• Excellent command of the English language, both written and verbal.
• Strong analytical and people skills.
• Ability to deliver multiple concurrent tactical initiatives whilst maintaining a strategic outlook.
• Open-minded, creative, pragmatic, and detail-oriented.

Qualifications: BS in Computer Science with 9 years of Experience

• A thorough working knowledge of cyber and information security requirements within the insurance marketplace from a Managing Agent's perspective.
• Experience communicating with a wide range of teams, including Risk Management, Internal Audit, Compliance, HR, IT Managers, and business managers.
• Experience representing the business to third-party business partners in the progress of projects and external security reviews.
• Experience in compliance matters, generally with considerable knowledge of information and cybersecurity regulations in all jurisdictions where the company operates.
• Experience in Data Privacy matters with considerable knowledge of personal data privacy legislation worldwide.
• Experience in the completion of information security returns for regulatory bodies.
• In-depth experience in Information Security and Cyber Security risk assessment, best practice solutions, and evaluation of solutions deployed.
• Previous experience of working within a multi-vendor environment or complex infrastructure.
• Demonstrable experience negotiating difficult situations to a successful conclusion.
• Ability to align cybersecurity initiatives with business objectives and the overall risk appetite of the Managing Agent.
• Good verbal and written communication skills.
• Have a strong problem-solving and analytical mindset.
• Stay effective under pressure when facing emerging threats, regulatory changes, or shifting business priorities.

Qualifications: BS in Management Information Systems with 13 years of Experience

• Experience in a related role, such as IT engineering, infrastructure operations, or Information Security Engineer.
• Experience successfully managing IT projects big and small (e.g., implementing a ticketing process, an SSO implementation, an office build-out, SOC2 processes, etc.)
• Experience managing outside IT vendors.
• Familiarity with Google and Microsoft cloud products and configuration management.
• Direct experience with office networks and network administration/installation.
• Superb customer service chops and experience with employee onboarding and offboarding.
• Ability to design and communicate clear processes, detail-oriented but not rigid.
• Knowledgeable in scripting, CLIs, API development (e.g., Bash, Shell, Python, REST, etc.), and web services to implement custom integrations and automation of system tasks
• InfoSec experience, including SEC/RIA Compliance, and crypto security experience.
• Strong influence and relationship management skills, understand how to influence people without having direct managerial authority, and how to reach win-win solutions versus being dragged into the weeds of "we can’t".
• Highly approachable by all employees, with superb customer service skills that make everyone feel taken care of (even when the answer is no!).
• A creative problem solver and able to manage decision-making independently and "think like an owner" when it comes to budgets and resources.

Qualifications: BS in Network Engineering with 8 years of Experience

• Proven ability to operate autonomously with strong time management, decision-making, and judgment, knowing when to seek guidance or escalate issues.
• Demonstrated track record of going beyond day-to-day responsibilities by identifying and implementing process improvements, including automation of repetitive tasks and strengthening security controls.
• Strong knowledge of security best practices, frameworks, and regulations, including NIST, ISO 27000 series, and PCI DSS.
• Ability to stay current with emerging trends, vulnerabilities, and industry developments.
• Solid understanding of application security and Agile methodologies.
• Experience with automation, integration tools, APIs, CI/CD pipelines, and data flow across systems.
• Hands-on experience with cloud security, preferably within Microsoft Azure, and familiarity with Microsoft E5 Security Licenses.
• Working knowledge (or willingness to learn) of object-oriented programming, scripting, and infrastructure-as-code (IaC) languages such as Python, PowerShell, and Terraform.
• Familiarity with infrastructure security principles, with the ability to conduct architecture and design reviews.
• Innovative mindset with the ability to propose and implement new ideas that enhance and strengthen IT security systems.
• Relevant certifications such as CISSP or SANS GIAC.

Qualifications: BS in Information Technology with 7 years of Experience

• Experience in Information Security Infrastructure, with security or privacy certifications.
• Good understanding of privacy and data protection regulations such as PCI-DSS, HIPAA, FedRAMP, or EU GDPR.
• Experience with a range of security technologies, processes, and tooling around vulnerability management, patch management, firewalling, networking, including IAM, SIEM/SOC, IDS/IPS, DLP.
• Technical understanding of a range of enterprise IT infrastructure and architectures for private, public, and hybrid cloud models, including web applications, databases, operating systems, servers, and networking technologies.
• Automation mindset and experience (CloudFormation, Terraform, Ansible, Python).
• Hands-on experience working with cloud providers (AWS, Azure, GCP).
• Working knowledge of information security controls, guidelines, and standards (ISO27000 series, OWASP, CSA CCM, CIS 20 critical security controls, SOC 2, and NIST).
• Excellent problem-solving and analytical skills.
• Strong organizational skills and the ability to work with minimal supervision.
• Ability to work independently as well as collaboratively in a team environment.
• Good interpersonal skills, including persuasiveness and/or assertiveness skills.
• Strong written and verbal communication with the ability to converse effectively at all levels of seniority, both internally and externally.

Qualifications: BS in Computer Engineering with 9 years of Experience

• Advanced knowledge of multiple IT control and project management practices, and experience working across large environments
• Technical experience, SDLC, and cloud computing.
• Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals.
• Ability to handle multiple high-priority initiatives.
• Expertise in application and infrastructure high-availability and resiliency architectures, with demonstrated experience in business.
• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection.
• Hold relevant certifications, including CISSP, CRISC, CISA, CCSP, and AWS.
• Audit engagement experience.
• Strong leadership skills with exceptional communication, facilitation, and escalation skills.
• Able to identify risks, break down complex issues, weigh trade-offs, and find pragmatic solutions.
• Responsive, energetic, and analytical.
• Ability to foster trust and cohesion across multidisciplinary teams, encourage knowledge sharing, and mentor less experienced staff.

Qualifications: BS in Cybersecurity with 12 years of Experience

• Experience working in multinational companies with expertise in managing diverse security applications.
• Skilled in performing, analyzing, and managing security scanning software and handling security incidents.
• Strong background in ISMS (ISO 27001) and information security processes.
• Holder of CISSP, CISM, or equivalent non-vendor-centric certifications.
• Proven ability to collaborate effectively to establish goals, objectives, and action plans.
• In-depth knowledge of technical security scanning, audits, and risk assessment methods.
• Working knowledge of information risk concepts and principles, linking business needs to security controls.
• Experience with security applications, operating systems, and a wide range of technologies, including SIEM, IAM, DLP, WAF, EDR, anti-malware, patch management, AD audit, email/web security gateways, and mobile security solutions.
• Deep understanding of network infrastructure (routers, switches, firewalls, protocols) and databases (MySQL, MSSQL, etc.).
• Experience developing and documenting security architecture, strategies, and project plans.
• Familiar with leading frameworks (ISO 27001, ITIL, COBIT) and fundamentals of project management, including budgeting and resource allocation.
• Ability to develop, document, and maintain security policies, processes, procedures, and standards
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Strong verbal and written communication skills, and the ability to create a presentation for business, and translate and express the technical jargon in layman's terms.
• A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience, and build long-term relationships.

Qualifications: BS in Software Security Engineering with 15 years of Experience