Key skills
AWSAzureCloudCyber SecurityIAMAzure ADEntra IDLeadershipCommunicationNetwork SecurityZero Trust
About this role
Role Overview
- Define, execute, and maintain HASI’s enterprise cybersecurity strategy, roadmap, and target security architecture.
- Establish and enforce cybersecurity policies, standards, and technical controls aligned to NIST CSF, CIS Controls, and regulatory requirements.
- Ensure cybersecurity is embedded into enterprise architecture, infrastructure design, cloud platforms, and technology initiatives from inception.
- Provide regular, risk-based reporting on cybersecurity posture, control maturity, and emerging threats to executive leadership.
- Serve as a hands-on security leader, actively configuring, implementing, and tuning security technologies and controls.
- Lead the implementation and ongoing management of security platforms including SASE, DLP, IAM, PAM, endpoint protection, SIEM, and network security solutions.
- Perform and oversee vulnerability identification, remediation, and validation across infrastructure, cloud, endpoints, and applications.
- Actively participate in threat detection, security monitoring, incident response, root cause analysis, and post-incident remediation.
- Manage and enhance SOC capabilities, including direct oversight of MSSPs and validation of alerts, detections, and response quality.
- Own and manage security across the Microsoft 365 ecosystem, including Entra ID (Azure AD), Exchange Online, SharePoint, OneDrive, Teams, and Defender platforms.
- Design, implement, and maintain Conditional Access policies, identity protection controls, and Zero Trust access models.
- Lead Mobile Device Management (MDM/MAM) strategy and implementation using Microsoft Intune, including device compliance, application protection, and data loss prevention controls.
- Develop, implement, and maintain CIS hardening baselines, security GPOs, and standardized secure workstation and server images.
- Ensure secure configuration and continuous hardening of Microsoft and endpoint environments in alignment with CIS benchmarks.
- Lead secure design and configuration of cloud environments (Azure, AWS), with a strong focus on defense-in-depth and least privilege.
- Implement identity-centric security controls, secure networking, logging, and monitoring across hybrid and cloud-native environments.
- Ensure security controls are integrated into automation, infrastructure-as-code, and modern IT delivery practices.
- Lead, mentor, and develop a team of cybersecurity professionals, while remaining technically engaged and hands-on.
- Establish clear expectations that balance strategic ownership with operational execution.
- Foster a culture of accountability, continuous improvement, and strong security engineering discipline.
- Partner with IT, risk, compliance, legal, and business teams to design solutions that are secure, scalable, and compliant
- Act as a trusted technical advisor on cybersecurity risks, control design, and mitigation strategies.
- Drive organization-wide security awareness and training programs to improve cyber hygiene and reduce human risk.
Requirements
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
- 10+ years of progressive experience in cybersecurity or information security, with significant hands-on technical responsibility
- Demonstrated experience personally implementing and configuring security technologies, not solely managing teams or vendors
- Deep expertise in Microsoft 365 security, including Conditional Access, Intune (MDM/MAM), Defender, identity protection, and tenant hardening
- Strong experience implementing SASE, DLP, IAM, PAM, endpoint security, SIEM, vulnerability management, and Zero Trust architectures
- Proven experience developing and enforcing CIS hardening standards, security baselines, GPOs, and secure images.
- Experience with regulatory and compliance requirements (e.g., SOX, SOC 2)
- Ability to lead teams while remaining technically hands-on and execution-focused
- Excellent communication skills with the ability to translate technical risk into business impact
- Relevant certifications preferred: CISSP, CISM, CISA, CIS Controls Practitioner, Microsoft Security certifications, or equivalent.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security