Role Description The Security Engineer I – IT Auditor will report to the Audits and Assessments Security Engineering Manager in the Technology Department. This role is responsible for assessing the design and testing operating effectiveness of general computer controls and application controls and will also be responsible for conducting third-party (vendor) risk assessments for vendors and other external partners. Work collaboratively with control operators. Assess the risk posed by potential findings and present the findings to the 3rd Party Auditors and senior management. The IT Auditor will also need to stay aware of emerging technologies and risks. - Perform third-party (vendor) risk assessments, including reviewing security and compliance documentation, identifying control gaps, tracking remediation items, and communicating results to stakeholders. - Assist in planning audits, executing audit work, and preparing audit reports. - Develop a keen understanding of IT risks and control activities for information systems, technical infrastructure, data centers, computer operations, and key applications. - Perform general and application control reviews for simple to complex computer information systems, like Linux, Windows, and databases such as SQL Server, Oracle, and cloud platforms such as Azure. - Provide recommendations to improve control posture and strengthen IT processes identified through the course of audits and control testing. - Prepare and present written and oral issues/reports and other technical information in a pertinent, concise, and accurate manner for distribution to management. - Keep abreast with new technologies and IT control frameworks such as NIST Cyber Security Framework, NIST 800-171 publications, and Cloud Security Frameworks. - Other duties as assigned. Qualifications - Minimum required: 1-3 years of applicable experience in internal or external IT auditing, or security compliance and/or relevant experience in information technology. - Bachelor’s Degree in Information Technology, Cybersecurity or related field with focus on information systems preferred. - Technical Certifications a plus. - Experience with a leading internal/external IT audit professional firm. - Knowledge of the Financial Services Industry preferred. Requirements - Possess a combination of technology, security, and analytics skills. - Intellectual curiosity to find new and unusual ways of how to solve cyber security issues. - Ability to approach cyber security challenges while keeping an eye on what is important. - Experience interpreting, analyzing, and maintaining systems. - Ability to create and maintain respectful, strong working relationships with both IT and business units to integrate security principles with business operations. - Strong client service orientation. - Ability to prioritize, plan and take initiative and be highly self-motivated. - Strong verbal and written communication skills; positive attitude; ability to work as a team member. - Experience in a high availability environment preferred.

• Be the Identity Security Guru • Architect and Define Solutions • Own the Technical Delivery • Strategic Client Engagement • Proactive Problem Solving • Drive Expansion & Adoption • Technical Enablement • Internal Collaboration • Operational Excellence

Role Overview We are seeking a delivery-driven Security Engineering Lead to own and execute enterprise-wide security initiatives end-to-end. This role demands a hands-on technical leader who can translate security strategy into measurable business outcomes across key domains such as Data Loss Prevention (DLP), Microsoft Purview, Privileged Access Management (PAM), Identity Governance, and Vulnerability Management. You will operate at the intersection of strategy, execution, and stakeholder influence, ensuring security programs are delivered with precision, accountability, and operational excellence. 🎯 Key Responsibilities 1. Security Program Leadership & Delivery - Own full lifecycle of enterprise security programs (planning → execution → closure) - Lead multiple concurrent initiatives with strong focus on timelines, cost, and outcomes - Establish governance frameworks, KPIs, and reporting cadence - Drive cross-functional execution across global and matrixed teams 2. Data Loss Prevention (DLP) & Microsoft Purview (Mandatory) - Design and implement enterprise-grade DLP strategies across endpoints, email, cloud, and networks - Lead implementation and optimization of Microsoft Purview DLP capabilities - Define and operationalise data classification and labeling frameworks - Balance policy enforcement with business usability - Establish monitoring, incident response, and reporting structures 3. Privileged Access Management (PAM) - Lead implementation and governance of PAM platforms - Enforce controls, including credential vaulting, session monitoring, and JIT access - Drive adoption across infrastructure and application teams - Identify, assess, and remediate privileged access risks 4. Password & Credential Security - Define enterprise password and credential management strategies - Integrate with SSO, MFA, and identity platforms - Ensure secure identity lifecycle management (joiner/mover/leaver) - Promote organisation-wide credential security awareness 5. Penetration Testing & Vulnerability Management - Lead enterprise vulnerability management programs - Manage penetration testing engagements (internal + vendors) - Drive red team / purple team exercises with actionable outcomes - Partner with engineering teams to validate and close vulnerabilities - Deliver executive-level risk reporting 6. Identity Governance & Access Control - Implement Identity Governance & Administration (IGA)frameworks - Automate access certification and review workflows - Enforce RBAC and least-privilege principles - Support audit readiness and compliance evidence management 7. Stakeholder & Executive Communication - Act as a trusted advisor to business and executive leadership - Present security posture, risks, and program outcomes clearly - Collaborate with Legal, Compliance, HR, and Finance teams - Foster a strong security-first culture across the organization ✅ Required Qualifications Experience - 12+ years in cybersecurity, with 5+ years in leadership roles - Proven track record delivering large-scale enterprise security programs - Hands-on expertise in at least 4 of the following: - DLP (Microsoft Purview mandatory) - PAM - Identity Governance (IGA) - Password/Credential Management - Penetration Testing / Vulnerability Management - Experience in regulated or enterprise-scale environments Technical Skills - Strong experience with enterprise security platforms across: - DLP (especially Microsoft Purview) - PAM tools - IAM / IGA platforms - Vulnerability management tools - Solid understanding of cloud security (Microsoft Azure preferred) - Scripting/automation (PowerShell, Python, etc.) Education - Bachelor’s degree in Computer Science, Information Security, or related field - A master’s degree is a plus Certifications (Preferred) - CISSP / CISM / CRISC - CEH / OSCP - Microsoft Security / Azure certifications - PMP or equivalent 🌟 Key Competencies - Strong ownership mindset with outcome-driven execution - Excellent executive communication & stakeholder management - Ability to bridge deep technical expertise with strategic vision - Strong risk assessment and decision-making capability - Comfortable operating in fast-paced, high-impact environments

• Help reduce identified risks, respond to adversarial attacks while maintaining up-time of systems, and implement strategic risk mitigation measures to safeguard data. • Provide white glove service and support to internal and external stakeholders by addressing security questions and support issues as needed. • Mentor other engineers in how to best provide support. • Help in the identification and prioritisation of future project initiatives based on risk. • Execute on cross-functional projects with high degree of ownership and excellence. • Actively mentor team members and elevate the collective team’s capabilities and skill sets through peering and informal training.