Director, Information Security Engineering

Position Summary:

We are seeking a visionary and experienced Director of Security Engineering to lead the development and execution of a comprehensive security engineering strategy. This role will focus on building and managing a high-performing security engineering team to safeguard the organization's assets, systems, and data. The Director will drive cross-functional collaboration to integrate security practices into all aspects of the business, ensuring alignment with industry standards and regulatory requirements.

The Director of Security Engineering is a senior leadership role responsible for designing, implementing, and managing enterprise-wide IAM strategies and security engineering initiatives. This position ensures the organization's systems, applications, and data are secure, compliant with regulatory standards, and aligned with business objectives. The Director will lead a team of security professionals to develop robust IAM and Zero Trust frameworks, enhance security posture, and drive innovation in security technologies.

The ideal candidate will possess a strong technical background, exceptional leadership skills, and the ability to influence stakeholders across the organization. They will play a critical role in shaping the company's security posture, enabling innovation while minimizing risk.

Key Accountabilities:

1. Leadership & Strategy:

• Develop and execute an enterprise IAM strategy (Zero Trust) aligned with business goals and regulatory requirements.
• Lead the design and implementation of Zero Trust architecture principles across the organization.
• Oversee security engineering initiatives to strengthen infrastructure, application, and data security.
• Collaborate with executive leadership to ensure alignment of security programs with organizational priorities.

1. Identity and Access Management:

• Manage IAM systems, including provisioning, authentication, SSO, MFA, etc.
• Implement least privilege access controls and ensure timely recertifications of user access.
• Manage the IAM engineering team.
• Implement universal SSO and MFA solutions.
• Optimize IAM automation and daily operations.

1. Security Engineering:

• Design and implement secure systems architecture.
• Develop and implement Zero Trust security frameworks.
• Create security tools to enhance security posture.
• Modernize security and compliance practices, including security by default and by design, and policy as code.
• Manage cloud security engineering initiatives.

1. Team Development:

• Build and mentor a high-performing team of IAM specialists and security engineers.
• Foster a culture of continuous improvement, staying updated on emerging threats and technologies.
• Collaborate with cross-functional security teams.
• Enhance overall security efficiency.

Key Competencies:

• Technical Competence: Deep understanding of information security, security operations, enterprise tools, and compliance.

• Adaptability & Growth: Ability to adapt leadership style and develop an understanding of the BCBSMA environment.

• Needs Analysis & Solution Proposals: Creative problem-solving skills considering organizational culture and context.

• Teamwork & Collaboration: Building trust, influencing, and representing multiple perspectives.

• Effective Communication: Clear, impactful communication tailored to the audience, influencing and negotiating skills.

• Urgency & Leadership: Proactive actions, leadership in project execution, and problem identification.

• Leadership Responsibilities: Cross-functional collaboration, influencing decisions, fostering process improvements, and empowering teams.

Background and Experience:

• BSc in Technology or Computer Science (Master's preferred), 10+ years of experience.
• CISSP certification required.
• Experience managing security engineering or operations teams in large enterprises.
• Proven leadership with senior technologists and engineers.
• Operational experience with enterprise SIEM and vulnerability tools.
• Strategic thinking, proactive risk management, and fostering collaboration.
• Passion for cybersecurity innovation.

#LI-Hybrid