[Hiring] Head of Security Engineering - Senior Vice President @iCapital

Role Description

iCapital is looking for a Head of Security Engineering to lead and evolve our security engineering function within a regulated financial services environment. This role combines strong technical depth, hands-on operational capability, and team leadership, ensuring our security architecture, tooling, and processes are scalable, resilient, and aligned with regulatory expectations.

You will manage a team of security engineers while remaining actively engaged in technical problem-solving, including supporting incident investigations and shaping secure architecture. You will partner closely with Engineering, DevOps, Infrastructure, and Technology/Development teams to embed security across the software development lifecycle and cloud environments.

Responsibilities

• Leadership & Team Management
  • Lead, mentor, and develop a team of ~5 security engineers across multiple domains
  • Define team priorities and execute against the security engineering roadmap
  • Foster a culture of ownership, automation, and continuous improvement
  • Partner with the CISO and senior stakeholders on strategy, reporting, and risk alignment
• Security Architecture & Engineering
  • Own and evolve the firm’s security architecture and technology stack, including:
    • Cloud security (AWS/Azure/GCP, including CSPM/CNAPP)
    • Identity & Access Management (IAM), SSO, and Privileged Access Management (PAM)
    • SIEM, detection engineering, and logging architecture
    • CASB / SaaS security controls
    • Data protection (DLP, DSPM, encryption, key management)
    • Network security (firewalls, segmentation, zero trust architecture)
  • Design and implement secure, scalable, cloud-native architectures
  • Evaluate, select, and rationalize security tools and vendors
• Cloud & Infrastructure Security
  • Define and enforce security standards across:
    • Cloud environments (AWS/Azure/GCP)
    • Containers and orchestration platforms (e.g., Kubernetes, Docker)
    • Infrastructure as Code (Terraform, CloudFormation)
  • Implement least privilege access models and zero trust principles
• DevSecOps & Secure Development
  • Work closely with Engineering and DevOps teams to:
    • Embed security into CI/CD pipelines and Infrastructure as Code (IaC)
    • Implement secure coding practices and secrets management
    • Perform threat modeling and secure design reviews
    • Champion DevSecOps principles and shift-left security practices
• Automation & Engineering Excellence
  • Drive security automation and orchestration (SOAR) to scale operations
  • Utilize scripting and programming (e.g., Python, PowerShell, Bash) to:
    • Automate workflows
    • Integrate tools
    • Enhance detection and response capabilities
  • Define and report on security KPIs and KRIs to the CISO and senior leadership

Qualifications

• 10+ years of experience in information security or security engineering
• Proven experience leading and managing technical security teams
• Strong hands-on expertise across:
  • Cloud security (AWS/Azure/GCP)
  • Identity and access management (IAM/PAM)
  • SIEM and detection engineering
  • Network and infrastructure security
  • Data protection technologies (DLP, DSPM, encryption)
• Experience working closely with SOC teams and incident response
• Demonstrated ability to partner with engineering and DevOps teams
• CISSP (required)
• Additional certifications preferred:
  • CCSP, AWS/Azure Security certifications
  • GIAC (e.g., GCIA, GCIH) or equivalent

Key Skills & Attributes

• Strong balance of technical depth and leadership capability
• Hands-on, pragmatic approach with the ability to dive into details when needed
• Experience implementing Zero Trust architectures
• Proficiency in scripting/automation (Python, PowerShell, etc.)
• Strong understanding of threat detection and adversary tactics
• Excellent communication skills with the ability to influence stakeholders at all levels
• Experience operating in regulated financial services environments
• Strong verbal and written communication skills
• Fluent in Portuguese and English

Benefits

• Comprehensive benefits package including a total compensation program consisting of:
  • Competitive salary
  • Annual performance bonus
  • Equity for all full-time employees
• Healthcare with 100% employer-paid health and dental insurance
• Generous paid time off (PTO)