SRM Technologies logo
SRM Technologies

Helping automotive, healthcare, logistics & consumer sectors thrive with integrated Digital & Engineering solutions!

Corporate Security Architect

Security EngineerSecurity EngineerFull TimeRemoteLeadTeam 501-1,000Since 1998H1B No SponsorCompany SiteLinkedIn

Location

India

Posted

4 days ago

Salary

0

Seniority

Lead

Bachelor Degree8 yrs expEnglishCloudCyber Security

Job Description

Corporate Security Architect

SRM Technologies

• Conduct security assessments of third-party vendors, suppliers, and service providers. • Review SOC 2 reports, ISO 27001 certifications, penetration testing reports, security questionnaires, and architecture documentation. • Assess controls related to data protection, IAM, infrastructure security, incident response, and business continuity. • Document findings, risk ratings, remediation recommendations, and approval decisions. • Perform security reviews of SaaS platforms, enterprise applications, and corporate technology solutions. • Evaluate authentication, authorization, data handling, integrations, logging, monitoring, and security posture. • Assess emerging technologies, including AI-enabled solutions. • Execute assessments in accordance with established standards and procedures. • Maintain complete assessment documentation, evidence, findings, and recommendations. • Track remediation activities and assessment status.

Job Requirements

  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field.
  • 8+ years of experience in Information Security, Security Architecture, Risk Management, or Corporate Security.
  • Experience operating TPRM/TPRA programs.
  • Experience conducting security reviews of SaaS applications, cloud services, and enterprise technologies.
  • Strong understanding of NIST CSF, ISO 27001, SOC 2, CIS Controls, cloud security principles, and IAM.
  • Experience reviewing vendor security documentation and performing risk-based assessments.
  • Strong written communication skills and cross-functional stakeholder engagement experience.

Benefits

  • Health insurance
  • Retirement plans
  • Paid time off
  • Flexible work arrangements
  • Professional development

Related Categories

Related Job Pages

More Security Engineer Jobs

Xello logo

Director of IT & Security

Xello

Xello is the only online college and career readiness program that’s inclusive, engaging, and empowering for your entire district community. Established in 1997, Xello is currently used by over 20,000 institutions across North America, including schools, employment agencies, libraries, colleges, and universities. Xello’s mission is to help anyone, anywhere in the world create a successful future through self-knowledge, exploration, and planning. Started by three friends who sought a way to answer the “what’s the right path for me” question, our online software programs are used globally by millions of students, educators, and adults. Xello is committed to continually updating and improving our products to better serve clients now and in the future. To this end, we invest heavily in research and development, we listen carefully to our clients'​ needs and expectations, and we seek out complementary partnerships and alliances to ensure Xello remains at the forefront of future readiness.

Full TimeRemoteTeam 250Since 1997

Role Description As Director of IT and Security, you will lead Xello’s IT operations and security initiatives which include data privacy and compliance in the education space. Managing the IT team, you will be responsible for developing, implementing, and monitoring security/confidentiality/business continuity/disaster recovery controls. Working with directors and executives, you will help determine acceptable levels of risk for the organization. You will design and implement comprehensive security evaluations and provide architectural/design guidance for mitigation strategies using current and emerging cloud technologies. As a manager, you will be leading and mentoring our IT team to deliver on security, privacy, and IT objectives. Reporting to the VP of Engineering, you will ensure the efficient operation of the company’s network, servers, and equipment. What you’ll do… - Lead IT department operational planning and projects in an Agile environment. - Take ownership over our information security roadmap. - Ensure compliance with regulations, best practices, and customer data sharing agreements, including (but not limited to): PIPEDA, FERPA, COPPA, GDPR, CCPA. - Conduct organization-wide security awareness training and work with engineers to ensure best practices are met in the SDLC. - Stay updated on the latest threats and security practices. - Liaise with Xello’s sales department and customers to support security-focused aspects of RFPs and review customer data sharing agreements for compliance. - Oversee reporting and documentation related to network and systems operations. - Work with stakeholders to define business and system requirements for new technology implementations. - Develop maintenance schedules for network and systems equipment. - Analyze existing operations and make recommendations for the improvement and growth of the network infrastructure and IT systems. - Coordinate all major incidents ensuring timely updates to senior management and the business, conduct post-mortem reviews, and follow through on action items. - Provide leadership to team members through coaching, performance evaluations, training plans, and career development plans. - Serve as the key interface with internal and external auditors for security compliance related activities. - Protect confidential and private information and uphold the ethics and integrity of Xello’s code of conduct. Qualifications - 10+ years experience in IT and 2 years of experience in a people management capacity. - Proven experience owning and leading SOC 2, ISO 27001, and related security/compliance audit programs. - Deep knowledge of web application security, and understanding of vulnerabilities and countermeasures. - Strong knowledge of networking, telecom, and server technologies. - Strong understanding of project management principles. - Experience securing production software systems. - Experience with incident management lifecycles. - Proven experience in IT infrastructure planning and development. - Positive attitude and a great team player. - University or college degree with a technical major, such as Engineering or Computer Science. Great if you also have… - Knowledge of Agile principles and practices. - Information Security Certifications - CISSP, CISM, CIPM. - CCNA, CCNP, or other network certifications. Compensation The compensation range for this role is $155,000 - $175,000 CAD. The final offer will be determined based on the candidate's experience and expertise, as assessed during the interview process. Benefits - Flexible work arrangements including hybrid and remote. - 4 weeks of vacation. - Employer-paid health and dental benefits. - 4-month top-up for parental leave. - Group RRSP with 3% matching. Company Description We are Xello (CASCAID in the UK), the leading developer of future readiness programs in North America and the UK and soon the world! Our mission is to help anyone, anywhere in the world to create a successful future through self-knowledge, exploration, and planning. We believe that by bringing our best selves to our work and collaborating with one another, we can change the world. We are a very diverse group of individuals who work hard, laugh often and share in each other’s lives. We are an inclusive, equal opportunity employer.

Canada
C$155K - C$175K / year
Aprio logo

Senior Cybersecurity Engineer

Aprio

Top 35 business advisory and CPA firm helping clients and team members achieve what's next.

Full TimeRemoteTeam 1,001-5,000H1B Sponsor

Senior Cybersecurity Engineer Job Description: Atlanta, GA / Hackensack, NJ / Washington, D.C. / Austin, TX / Boston, MA / Charlotte, NC / Dallas, TX / Denver, CO / New York, NY / Philadelphia, PA / Chicago, IL / Rockville, MD Business Operations - Information Technology / Full Time / Remote Work with a Top 20 CPA and advisory firm that Accounts for Anything. Aprio has 40 U.S. office locations, as well as international office locations and more than 3,200 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio. Join Aprio''s Information Technology team and you will help clients maximize their opportunities. Aprio is a progressive, fast-growing firm looking for a Senior Cybersecurity Engineer to join their dynamic team. Aprio's Cybersecurity Engineering team builds and operates the controls that make the firm defensible: identity, network segmentation, cloud security baselines, endpoint, monitoring, encryption, and vulnerability management. The Senior Cybersecurity Engineer is the senior individual contributor on that team - the engineer who takes a control domain from "documented" to "running cleanly in production," sets the standard for how it's done, and pulls the Mid and Associate engineers up with them. This is a hands-on engineering role that also leads cross-team initiatives. This position supports U.S. Government engagements that may involve Controlled Unclassified Information (CUI) and requires access to export‑controlled technical data. In accordance with CUI and U.S. export control regulations, this position is limited to 'U.S. persons' (including U.S. citizens, lawful permanent residents, and certain protected individuals) as defined in 22 C.F.R. § 120.62. These requirements are only tied to this specific job posting. We are an equal opportunity employer and all Aprio employment decisions are made in accordance with applicable laws. What You''ll Do: - You will own the operational health of one or two engineering domains, lead cross-team initiatives that touch multiple control areas, and design the patterns the rest of the team executes against. - You're the engineer who can take a tool from "purchased" to "deployed, tuned, and instrumented," the partner Cloud Ops and Identity call when they need a security pattern that actually works, and the senior who makes the Mid and Associate engineers better through pairing, code review, and clear standards. - You'll also be a senior voice in architecture and decision conversations alongside the Principal Engineer and the Manager. Key Responsibilities: - Domain ownership: Own the operational health of one or two engineering domains (identity, network/segmentation, cloud security baselines, monitoring/logging, encryption/key management, endpoint, vulnerability management, configuration management). Keep them measurably healthy and improving. - Cross-team initiatives: Lead initiatives that span Security, IT, Identity, Cloud Operations, and delivery teams - controlled rollouts, control set hardening, tool migrations. Land them without breaking production. - Architecture and standards: Design new control patterns and reference architectures. Write the decision records, runbooks, and standards the team executes against and the auditors review. - Controlled rollouts: Lead the end-to-end deployment of new control sets (e.g., bringing a new EDR online, hardening a new cloud account, standing up new logging pipelines) - pilot, measure, expand, document. - Mentorship: Pair with Mid and Associate engineers, run design reviews, give substantive code/config review, and grow the next tier. Quality of output from less senior engineers is part of your scope. - Operational partnership: Be the senior partner Cloud Ops, Identity, IT Service Management, GRC, and the SOC call when they need security engineering input. Solve problems with them, not at them. - Detection/response engineering support: Partner with Detection Engineering and the SOC on logging coverage, telemetry quality, and the engineering pieces of response (privileged access tooling, isolation capabilities, evidence capture). - Evidence and audit readiness: Produce control evidence and architecture documentation that holds up under audit and peer review. Keep your domains' evidence map current. - Automation: Push toward repeatable, codified controls (IaC, policy-as-code, automated evidence collection) instead of one-off manual work. What Success Looks Like: First 30-60 days: You can operate your priority domains safely on Aprio's tooling, you've assessed current control posture, and you've published a prioritized remediation backlog for at least one domain. By 90 days: You're leading at least one cross-team initiative, you've published or substantially revised at least one architecture pattern or decision record, and you're an active mentor to the Mid and Associate engineers. By 6-12 months: Your domains have measurably improved control health (less drift, cleaner evidence, faster remediation, fewer escalations). At least one controlled rollout has landed cleanly. Less senior engineers on the team are visibly better because of how you work with them. Required Qualifications: - 5+ years in security engineering, with hands-on responsibility for implementing controls across identity, network, cloud, endpoint, and/or monitoring. - Strong fundamentals in IAM, network segmentation, encryption / key management, and centralized logging / monitoring. - Experience with at least one major cloud platform (Azure, AWS, GCP) in a security-engineering capacity. - Ability to produce clear architecture documentation, runbooks, and decision records that hold up under audit and peer review. - Excellent written and verbal communication; able to explain tradeoffs across Security, IT, and delivery audiences in plain language. - Comfortable mentoring less senior engineers and owning quality-of-output for one or more domains. Preferred Qualifications - Regulated-environment experience (CMMC, NIST 800-171, NIST 800-53, FedRAMP-aligned, SOC 2, ISO 27001, HIPAA, PCI). - Infrastructure-as-code experience (Terraform, Bicep, Pulumi) and policy-as-code (Sentinel, OPA). - Security tooling integration experience (SIEM, EDR, vulnerability scanning, IAM, secrets management). - Industry certifications (one or more): CISSP, CCSP, GIAC (e.g., GCED, GPEN, GCWN), AZ-500, AWS Security Specialty. - Experience supporting a SOC's detection/response engineering needs. - Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field - or equivalent applicable years of experience $100,000 - $125,000 a year The salary range for this opportunity is stated above. As such, an actual salary may fall closer to one or the other end of the range, and in certain circumstances, may wind up being outside of the listed salary range. The application window is anticipated to close on July 27th and may be extended as needed. Why work for Aprio: Whether you are just starting out, looking to advance into management or searching for your next leadership role, Aprio offers an opportunity to grow with a future-focused, innovative firm. Perks/Benefits we offer for full-time team members: - Medical, Dental, and Vision Insurance on the first day of employment - Flexible Spending Account and Dependent Care Account - 401k with Profit Sharing - 9+ holidays and discretionary time off structure - Parental Leave - coverage for both primary and secondary caregivers - Tuition Assistance Program and CPA support program with cash incentive upon completion - Discretionary incentive compensation based on firm, group and individual performance - Incentive compensation related to origination of new client sales - Top rated wellness program - Flexible working environment including remote and hybrid options What's in it for you: - Working with an industry leader: Be part of a high-growth firm that is passionate for what's next. - An awesome culture: Thirty-one fundamental behaviors guide our culture every day ensuring we always deliver an exceptional team-member and client experience. We call it the Aprio Way. This shared mindset creates lasting relationships between team members and with clients. - A great team: Work with a high-energy, passionate, caring and ambitious team of professionals in a collaborative culture. - Entrepreneurship: Have the freedom to innovate and bring your ideas to help us grow to become the CPA firm of choice nationally. - Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement. - Competitive compensation: You will be rewarded with competitive compensation, industry-leading benefits and a flexible work environment to enjoy work/life balance. EQUAL OPPORTUNITY EMPLOYER Aprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law. Aprio, LLP and Aprio Advisory Group, LLC, operate in an alternative business structure, with Aprio Advisory Group, LLC providing non-attest tax and consulting services, and Aprio, LLP providing CPA firm services. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Illinois + 10 moreAll locations: Illinois | Maryland | Georgia | New Jersey | District Of Columbia | Texas | Massachusetts | North Carolina | Colorado | New York | Pennsylvania
$100K - $125K / year
Full TimeRemoteTeam 51-200Since 1973H1B No Sponsor

• The Cyber Security Engineer will serve as a key member of SES Space & Defense's growing Cyber Organization, supporting program cybersecurity initiatives across mission-critical government and satellite communications environments. • This role is responsible for helping ensure systems remain compliant, resilient, and ready to meet evolving customer and regulatory requirements throughout the program lifecycle. • The successful candidate will provide hands-on support across cybersecurity engineering, vulnerability management, continuous monitoring, and certification activities while partnering closely with program managers, systems engineers, and operational teams. • Acting as a trusted technical resource, this individual will help integrate security into system design, implementation, and sustainment efforts from the earliest stages of development. • Ensure system compliance within the Cybersecurity Maturity Model Certification (CMMC) framework and associated policies, procedures, and guidelines. • Provide hands-on cybersecurity support, guidance, and quality assurance for projects, programs, and team members. • Serve as a Subject Matter Expert (SME) on system certification and authorization activities. • Review customer-required security plans, including CONOPS, OPSEC documentation, standard practices, and operating procedures. • Interface with Program Management to ensure compliance with established security plans and customer directives. • Review, prepare, and maintain CMMC packages in accordance with NIST 800-171 and customer requirements.

Virginia

(Senior) Manager SAP Security

PwC Germany

Bei PwC Deutschland arbeiten wir daran, entscheidende Herausforderungen zu lösen, nachhaltige Ergebnisse zu schaffen und das Vertrauen in die Wirtschaft und Gesellschaft auszubauen. Als Teil unseres Deals Teams unterstützt du Unternehmen in allen Phasen des Deal Cycles: Vom Ermitteln geeigneter Kauf- bzw. Verkaufsoptionen bis zum Abschluss der Verhandlungen. Von der Unternehmens- und Marktanalyse, über die Beratung bei steuerlichen und rechtlichen Fragestellungen bis hin zur Integration. So hast du stets den gesamten Transaktionsprozess im Blick und es gelingt uns im Team, die Risiken geplanter Deals zu minimieren sowie den Nutzen zu maximieren. Dabei vereinen wir Branchen- und Funktionsexpertise mit leistungsstarken Tools im Sinne unseres "human-led and tech-powered"-Ansatzes. Arbeite mit uns an spannenden Projekten, mit einer unglaublichen Themenvielfalt eingebunden in eine flexible Gestaltung deines Arbeitstages. Contact Du hast Fragen zu dieser Position oder deiner Bewerbung? Melde dich gerne bei Claudia Schweers unter +49 211 9814675.

Role Description Für unseren Geschäftsbereich Risk & Regulatory suchen wir dich zum nächstmöglichen Zeitpunkt als (Senior) Manager SAP Security (w/m/d). - Analyse – Du führst mit deinem Team Sicherheitsanalysen, Risikoabschätzungen und Sicherheitsbewertungen in SAP-Umgebungen durch, um potenzielle Schwachstellen zu identifizieren. - Konzeption – Du definierst und implementierst mit deinem Team SAP-Sicherheitskonzepte, -maßnahmen und -kontrollen zur Stärkung der SAP-Umgebung unserer Mandanten. - Expertenunterstützung – Du bist eine der Kernansprechpersonen für unsere Mandanten im Bereich SAP Security. - Teamführung – Als Senior Manager stehst du deinem Team in allen wichtigen Fragestellungen zur Seite und trägst maßgeblich zum Erfolg der Projekte und des Fachbereichs bei. Qualifications - Du hast dein Studium der (Wirtschafts-)Informatik, Ingenieurswissenschaften oder einen vergleichbaren Studiengang abgeschlossen. - Du bringst 5 Jahre Erfahrung in SAP-Umgebungen mit Schwerpunkt auf SAP Security sowie Erfahrungen in einer internationalen Arbeitsumgebung und gutes Verständnis über die Anforderungen aus den verschiedenen Bereichen innerhalb internationaler IT-Organisationen mit. - Du bringst Kenntnisse im Bereich sicherheitsrelevanter Technologien, Methoden und Verfahren, sowie Kenntnisse in Technologien wie SecurityBridge, Werth-IT, Onapsis, XITING oder IBS-Schreiber mit. - Sehr gute Deutsch-/ und Englischkenntnisse in Wort und Schrift runden dein Profil ab. Benefits - Flexibilität – Deine Arbeitszeit und deinen Arbeitsort kannst du bei uns - in Abstimmung mit den betrieblichen Anforderungen und arbeitsrechtlichen Bestimmungen - selber bestimmen. Dabei gibt es keine Kernarbeitszeiten und du hast die Möglichkeit, im Home Office sowie in über 40 Ländern zu arbeiten. - Familie – Wir unterstützen dich sowohl zum Zeitpunkt der Geburt/Adoption sowie beim Wiedereinstieg nach deiner Elternzeit und darüber hinaus. Bei Bedarf unterstützen wir dich auch bei der Pflege von Angehörigen durch Vermittlung von Betreuungspersonen, Sonderurlaub oder Teilzeitmodellen. - Sicherheit – Für deine (finanzielle) Sicherheit haben wir verschiedene Versicherungspakete zusammengestellt (z.B. Auslandskrankenversicherungen oder Unfallversicherungen) sowie eine betriebliche Altersvorsorge. Darüber hinaus gewähren wir dir im Krankheitsfall eine Beihilfe zur Lohnfortzahlung auch über die gesetzliche Frist von 6 Wochen hinaus. - Gesundheit – Deine Gesundheit liegt uns am Herzen: Neben einer eigenen betrieblichen Krankenkasse bieten wir auch Vorsorgeuntersuchungen sowie Sportangebote an. Nimm an unserem kostenlosen Betriebssportprogramm teil oder profitiere von vergünstigten Beiträgen in diversen Fitnessstudios oder einer Urban Sports Club-Mitgliedschaft. - Das ist noch nicht alles – Wir möchten ein positives Arbeitsumfeld schaffen: Ein Umfeld, in dem flexibles und kreatives Arbeiten möglich ist, in dem Arbeit anerkannt und Leistung honoriert wird und auf das wir stolz sind. Alle Benefits findest du auf unserer Karriereseite. Contact Du hast Fragen zu dieser Position oder deiner Bewerbung? Melde dich gerne bei Beatrice Henze unter +49 69 9585-2222.

Germany