As the Director of Security Engineering, you will help design and implement the vision of security strategies across CTC’s technology stack. This role requires both a team leader and a hands-on technologist who can guide engineers, mentor talent, and collaborate across departments to ensure the security of our systems, applications, and infrastructure. You will be responsible for building secure architectures, driving the implementation of security strategies, and ensuring alignment with CTC’s business objectives.

What You’ll Do

• Lead the Security Engineering Team: Manage and mentor a small team of security engineers, driving projects and consulting with CTC technology teams on secure strategies and architecture.
• Implement Security Strategy: Architect, build, and implement scalable security solutions that protect CTC’s infrastructure, software, and data. You will lead the team at implementing the strategy for Zero Trust, network segmentation, and other advanced security initiatives.
• Oversee Security Architecture: Design security protocols and solutions across multiple environments, ensuring all systems, networks, and applications are secure from inception to deployment.
• Cross-Functional Leadership: Collaborate closely with engineering, development, IT, and business teams to ensure secure coding practices, network design, and infrastructure resilience.
• Threat Modeling & Vulnerability Management: Lead the team in performing threat modeling, vulnerability assessments, and code reviews, identifying and mitigating security risks in complex distributed environments.
• Automation & Efficiency: Direct the development of automated solutions for security monitoring, alerting, and incident response using infrastructure-as-code or scripting to enhance security operations.
• Research & Innovation: Stay at the forefront of cybersecurity technologies and trends. Evaluate emerging threats and technologies, ensuring CTC’s security posture adapts to new challenges.
• Security Project Leadership: Manage multi-functional security projects such as encryption, identity and access management (IAM), and network security architecture.

What We’re Looking For

• Leadership Experience: Demonstrated experience in leading and mentoring security engineering teams and driving a team to implement the CSO’s vision.
• Hands-on Technical Knowledge: The right person for this role will demonstrate both strong leadership and strong hands-on skills. While leading a team, the expectation is that the role will also be heavily engaged in the efforts being lead.
• Programming/Scripting Skills: Proficient in one or more languages such as Python, Go, or PowerShell, with a deep understanding of secure software development.
• Application Security Expertise: Practical experience with evaluating custom applications and infrastructure as code using static code analysis tools such as SonarQube, Checkmarx, or Semgrep.
• Cloud and Network Security: Deep understanding of cloud security models (AWS, Azure, Google Cloud) and networking principles (TCP/IP, DNS, routing). Experience implementing network segmentation, Zero Trust, and multi-cloud security architectures.
• Experience with CI/CD and Containerization: Knowledge of CI/CD pipelines, containerization technologies (e.g., Docker, Kubernetes), and the integration of security within development and deployment workflows.
• Innovative & Forward-Thinking: A continuous learner who is passionate about staying ahead of the curve in cybersecurity technologies and innovations. Ability to assess emerging threats and adapt security strategies accordingly.
• Cryptographic Knowledge: Familiarity with cryptographic protocols, key management, and secure communication strategies.