Head of Security Engineering - Senior Vice President

About the Role iCapital is looking for a Head of Security Engineering to lead and evolve our security engineering function within a regulated financial services environment. This role combines strong technical depth, hands-on operational capability, and team leadership, ensuring our security architecture, tooling, and processes are scalable, resilient, and aligned with regulatory expectations. You will manage a team of security engineers while remaining actively engaged in technical problem-solving, including supporting incident investigations and shaping secure architecture. You will partner closely with Engineering, DevOps, Infrastructure, and Technology/Development teams to embed security across the software development lifecycle and cloud environments. Responsibilities Leadership Team Management Lead, mentor, and develop a team of ~5 security engineers across multiple domains Define team priorities and execute against the security engineering roadmap Foster a culture of ownership, automation, and continuous improvement Partner with the CISO and senior stakeholders on strategy, reporting, and risk alignment Security Architecture Engineering Own and evolve the firm’s security architecture and technology stack, including: Cloud security (AWS/Azure/GCP, including CSPM/CNAPP) Identity Access Management (IAM), SSO, and Privileged Access Management (PAM) SIEM, detection engineering, and logging architecture CASB / SaaS security controls Data protection (DLP, DSPM, encryption, key management) Network security (firewalls, segmentation, zero trust architecture) Design and implement secure, scalable, cloud-native architectures Evaluate, select, and rationalize security tools and vendors Cloud Infrastructure Security Define and enforce security standards across: Cloud environments (AWS/Azure/GCP) Containers and orchestration platforms (e.g., Kubernetes, Docker) Infrastructure as Code (Terraform, CloudFormation) Implement least privilege access models and zero trust principles DevSecOps Secure Development Work closely with Engineering and DevOps teams to: Embed security into CI/CD pipelines and Infrastructure as Code (IaC) Implement secure coding practices and secrets management Perform threat modeling and secure design reviews Champion DevSecOps principles and shift-left security practices Automation Engineering Excellence Drive security automation and orchestration (SOAR) to scale operations Utilize scripting and programming (e.g., Python, PowerShell, Bash) to: Automate workflows Integrate tools Enhance detection and response capabilities Define and report on security KPIs and KRIs to the CISO and senior leadership Qualifications 10+ years of experience in information security or security engineering Proven experience leading and managing technical security teams Strong hands-on expertise across: Cloud security (AWS/Azure/GCP) Identity and access management (IAM/PAM) SIEM and detection engineering Network and infrastructure security Data protection technologies (DLP, DSPM, encryption) Experience working closely with SOC teams and incident response Demonstrated ability to partner with engineering and DevOps teams CISSP (required) Additional certifications preferred: CCSP, AWS/Azure Security certifications GIAC (e.g., GCIA, GCIH) or equivalent Key Skills Attributes Strong balance of technical depth and leadership capability Hands-on, pragmatic approach with the ability to dive into details when needed Experience implementing Zero Trust architectures Proficiency in scripting/automation (Python, PowerShell, etc.) Strong understanding of threat detection and adversary tactics Excellent communication skills with the ability to influence stakeholders at all levels Experience operating in regulated financial services environments Strong verbal and written communication skills Fluent in Portuguese and English Employees in this role will work fully remote. Every department has diff ... (truncated, view full listing at source)