AVP, Information Security
Norfolk, North Carolina, United States of America
Full Time
1 day ago
No Visa Sponsorship
Key skills
AWSAzureCloudGoogle Cloud PlatformPythonSDLCSQLPowerShellAIMLLLMGCPGoogle CloudREST APILeadershipCloud SecurityZero Trust
About this role
Role Overview
- Serve as the senior technical execution and delivery leader within our global Information Security organization
- Accountable for the full lifecycle of security solution design, build, and operation across a complex, regulated multinational environment encompassing both U.S. and European operations
- Responsible for developing and maintaining PRA’s information security posture in a manner that supports and improves the business, is efficient and effective within PRA’s technology environment, and enables usability and productivity for PRA’s employees
- Direct management authority over Security Architects and Solutions Engineers and will be the primary decision-maker for security architecture standards, platform selection, tooling strategy, and engineering execution
- Working in close partnership with the CISO, IT Architecture, and Risk functions, translates enterprise security strategy into implementable, technically defensible controls that demonstrably reduce risk
Requirements
- Minimum of 12 years of progressive experience in information security
- Minimum of 5 years in a senior leadership role with direct management of security architects, engineers, or equivalent technical practitioners
- Minimum of 5 years operating in complex, regulated enterprise environments (financial services, healthcare, or equivalent)
- Minimum of 2 years of direct, hands-on experience implementing AI or ML capabilities within a security operations or engineering context
- Working knowledge of LLM-based enrichment, ML-based anomaly detection, or AI-assisted investigation workflows
- Understanding of AI-related security risks: hallucination, bias, data leakage, and model governance and how to operationalize mitigations
- Bachelor's Degree required, Masters preferred in Computer Science, Information Systems, Engineering, or a related technical field required
- Active certification(s) from CISSP, CISM, CCSP, GIAC (GCED, GCSA, or equivalent), or cloud security certification (AWS Security Specialty, AZ-500, or equivalent)
- Minimum of 5 years of security architecture experience, including design of reference architectures and security review governance
- Minimum of 3 years of hands-on cloud security engineering experience across one or more major providers (Azure, AWS, GCP)
- Minimum of 3 years of experience with identity and access management architecture, including PAM, MFA, and Zero Trust principles
- Minimum of 2 years of experience with application security and SDLC integration (SAST, DAST, SCA, secure code review)
- Working knowledge of SIEM, XDR, and SOAR platforms — including tuning, integration, and detection engineering
- Proficiency in one or more scripting languages applied to security automation is highly preferred: Python, PowerShell, KQL, SQL, or REST API development
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Python
- SDLC
- SQL
Benefits
- Drug free workplace
- Professional development opportunities