Head of Security Engineering - Senior Vice President

About the Role

iCapital is looking for a Head of Security Engineering to lead and evolve our security engineering function within a regulated financial services environment. This role combines strong technical depth, hands-on operational capability, and team leadership, ensuring our security architecture, tooling, and processes are scalable, resilient, and aligned with regulatory expectations.

You will manage a team of security engineers while remaining actively engaged in technical problem-solving, including supporting incident investigations and shaping secure architecture. You will partner closely with Engineering, DevOps, Infrastructure, and Technology/Development teams to embed security across the software development lifecycle and cloud environments.

Responsibilities

Leadership & Team Management

• Lead, mentor, and develop a team of ~5 security engineers across multiple domains
• Define team priorities and execute against the security engineering roadmap
• Foster a culture of ownership, automation, and continuous improvement
• Partner with the CISO and senior stakeholders on strategy, reporting, and risk alignment

Security Architecture & Engineering

• Own and evolve the firm’s security architecture and technology stack, including:
  • Cloud security (AWS/Azure/GCP, including CSPM/CNAPP)
  • Identity & Access Management (IAM), SSO, and Privileged Access Management (PAM)
  • SIEM, detection engineering, and logging architecture
  • CASB / SaaS security controls
  • Data protection (DLP, DSPM, encryption, key management)
  • Network security (firewalls, segmentation, zero trust architecture)
• Design and implement secure, scalable, cloud-native architectures
• Evaluate, select, and rationalize security tools and vendors

Cloud & Infrastructure Security

• Define and enforce security standards across:
• Cloud environments (AWS/Azure/GCP)
• Containers and orchestration platforms (e.g., Kubernetes, Docker)
• Infrastructure as Code (Terraform, CloudFormation)
• Implement least privilege access models and zero trust principles

DevSecOps & Secure Development

• Work closely with Engineering and DevOps teams to:
• Embed security into CI/CD pipelines and Infrastructure as Code (IaC)
• Implement secure coding practices and secrets management
• Perform threat modeling and secure design reviews
• Champion DevSecOps principles and shift-left security practices

Automation & Engineering Excellence

• Drive security automation and orchestration (SOAR) to scale operations
• Utilize scripting and programming (e.g., Python, PowerShell, Bash) to:
• Automate workflows
• Integrate tools
• Enhance detection and response capabilities
  
  

Define and report on security KPIs and KRIs to the CISO and senior leadership

Qualifications

• 10+ years of experience in information security or security engineering
• Proven experience leading and managing technical security teams
• Strong hands-on expertise across:
  • Cloud security (AWS/Azure/GCP)
  • Identity and access management (IAM/PAM)
  • SIEM and detection engineering
  • Network and infrastructure security
  • Data protection technologies (DLP, DSPM, encryption)
• Experience working closely with SOC teams and incident response
• Demonstrated ability to partner with engineering and DevOps teams
• CISSP (required)
• Additional certifications preferred:
  • CCSP, AWS/Azure Security certifications
  • GIAC (e.g., GCIA, GCIH) or equivalent

Key Skills & Attributes

• Strong balance of technical depth and leadership capability
• Hands-on, pragmatic approach with the ability to dive into details when needed
• Experience implementing Zero Trust architectures
• Proficiency in scripting/automation (Python, PowerShell, etc.)
• Strong understanding of threat detection and adversary tactics
• Excellent communication skills with the ability to influence stakeholders at all levels
• Experience operating in regulated financial services environments

• Strong verbal and written communication skills
• Fluent in Portuguese and English

Employees in this role will work fully remote. Every department has different needs, and some positions will be designated in-office jobs, based on their function.

Benefits

iCapital offers a comprehensive benefits package that includes a total compensation program consisting of competitive salary, annual performance bonus, and equity for all full-time employees; healthcare with 100% employer-paid health and dental insurance; and generous paid time off (PTO).

For additional information on iCapital Network, please visit https://www.icapitalnetwork.com/about-us Twitter: @icapitalnetwork | LinkedIn: https://www.linkedin.com/company/icapital-network-inc