Business Development Representative at xorlab driving proactive lead generation in cybersecurity market. Collaborating closely with sales and marketing team to optimize lead development processes.
About the role
- Senior Information Security Engineer leading enterprise-wide cybersecurity initiatives at e.l.f. Beauty. Designing security solutions and collaborating with teams to safeguard systems and data.
Responsibilities
- Design, build, deploy, and maintain enterprise security technologies and solutions aligned with business objectives, compliance requirements, and the cybersecurity program.
- Develop, document, and enforce security policies, standards, and procedures based on frameworks such as NIST, CIS, ISO 27001, and SOX while advancing overall security maturity, governance, and processes.
- Lead strategic security initiatives, including Zero Trust architecture, Data Loss Prevention (DLP), Cloud Security, Network Segmentation, IAM, Endpoint Security modernization, and security automation.
- Manage and improve email security, DNS security, and other protective controls to defend against phishing, malware, data exfiltration, and domain-based threats.
- Lead vulnerability management programs and drive remediation efforts, providing visibility into risks and progress to stakeholders.
- Oversee incident response lifecycle—detection, analysis, containment, remediation, post-incident review—and continuously enhance disaster recovery and business continuity plans.
- Monitor and analyze security events and network activity (e.g., traffic analysis, host behavior, forensics, kill chain, Windows event analysis), tuning tools, and event correlation for accurate threat detection.
- Collaborate with IT, DevOps, and digital teams to embed security into system design, application development, deployment pipelines, and cloud infrastructure.
- Evaluate and review vendor and partner security practices to ensure alignment with organizational standards.
- Produce regular security dashboards and metrics to report on incidents, threats, and operational effectiveness.
- Lead security awareness training, mentor junior engineers, and guide cross-functional teams on secure design principles and best practices.
- Stay current on emerging threats, vulnerabilities, and technologies to enhance enterprise resilience.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or related field; Master’s preferred.
- 7+ years of experience in information security engineering, architecture, or operations.
- Expertise in cloud security (AWS, Azure, GCP), data protection, IAM/SSO/MFA, email and DNS security, and secure network architecture.
- Hands-on experience with key security technologies: firewalls, VPN, NAC, EDR/MDR, IPS/IDS, SIEM, DLP, vulnerability management, and email security platforms (Proofpoint, Mimecast, Microsoft 365 Defender).
- Strong understanding of Zero Trust, endpoint protection, DevSecOps, security automation, and scripting (Python, PowerShell, Bash).
- Proven ability to lead incident response, risk assessments, threat detection, and remediation efforts.
- Experience implementing DNS protection solutions (Cisco Umbrella, Cloudflare, Infoblox, Valimail).
- Knowledge of security frameworks and compliance standards: NIST CSF, CIS Controls, ISO 27001, SOX.
- Demonstrated success in leading security awareness programs, mentoring team members, and advancing security program maturity.
- Relevant certifications preferred: CISSP, CISM, CISA, GIAC, Microsoft Security certifications, AWS Security Specialty, Azure Security Engineer Associate.
- Strong communication, leadership, and ability to manage multiple security initiatives.
Benefits
- bonus eligibility (200% of target over the last six fiscal years)
- equity
- flexible time off
- year-round half-day Fridays
- hybrid 3 day in office, 2 day at home work environment
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cyber Security Architect responsible for IT security compliance and cyber - risk management at a Swiss utility firm. Engaging with cross - functional teams to implement 'Secure - by - design' strategies.
Information Security Officer ensuring cybersecurity at an IT service provider for food and beverage sector. Developing strategies and overseeing security protocols while reporting to management.
Head of Information Security at Aurora shaping security strategy and governance in a software - focused global business. Leading security efforts to ensure resilience and compliance across operations.
Senior Security Engineer specializing in penetration testing and security strategies for fintech. Collaborating with teams to enhance security for AI applications and financial systems.
Principal Cyber Security Engineer for Identity Access Management at MSK managing identity solutions and advanced identity platforms. Partnering with stakeholders to align identity strategy and lead IAM initiatives.
Join The Missing Link as a Security Engineer, leveraging 3 - 4 years of IT Security experience. Lead projects in a collaborative environment with a focus on innovation and impact.
Engineer in Health, Safety and Environment for ArianeGroup focusing on industrial risk management. Involves audits, assessments, and safety training participation.
Senior Product Security Engineer at Red Hat focusing on security and compliance for digital sovereign products while collaborating across global teams and enhancing automation.
Security Engineer safeguarding K - 12 student data in several locations for EduTech startup. Designing secure software systems and ensuring data protection to comply with privacy standards.