Leader of Security Engineering

Security Engineering Leadership:

• Lead and grow a high-performing security engineering team (cloud, platform, application security), setting roadmap, standards, and measurable outcomes.
• Establish engineering patterns that balance speed and control (secure defaults, automation-first, self-service guardrails).
• Own cloud security architecture for AWS: landing zone patterns, multi-account strategy, network segmentation, identity and access design, logging/telemetry baselines, and infrastructure hardening.

Encryption and Key Management (KMS is core):

• Own the enterprise encryption program in AWS, including KMS key policy design and governance (least privilege, separation of duties, break-glass, auditable admin/use roles).
• Define safe grant usage patterns and operational best practices for AWS services and applications.
• Own key lifecycle management: rotation strategy, aliasing/migration patterns, and recovery considerations.

Secure SDLC and Product Security:

• Embed security into the SDLC: threat modeling, secure coding guidance, code scanning, dependency controls, build-time checks, and release gates.
• Partner with Platform Engineering to harden runtime environments (containers, Linux, CI/CD runners, secrets management, service-to-service authentication).