Key skills
DevSecOpsCloud-native securityIncident responseApplication securityCybersecurity leadershipSoftware engineeringAutomationBudget managementCISSPCISMSANS/GIACCSSLPOSCPCI/CDSREMulti-cloud environmentsAISaaSLeadershipZero Trust
About this role
Hyland is a company focused on providing innovative solutions, and they are seeking an Associate Vice President of Security Engineering & Operations. This role is responsible for building and scaling a high-performance security function that protects the business while enabling engineering and compliance teams, leading the Security Operations Center, and driving improvements in security posture and incident readiness.
Responsibilities:
- Build and lead a highly efficient, AI-enabled Security Operations Center (SOC), delivering threat detection, exposure management, posture management, incident response, and digital forensics capabilities
- Define and own KPIs for SOC performance (MTTD, MTTR, SLA adherence), engineering delivery, and coverage gap closure
- Manage a team to monitor for and respond to security events 24x7x365, and plan and execute regular incident response and postmortem exercises with measurable benchmarks
- Oversee and continuously improve DevSecOps/AppSec integration, embedding security into CI/CD pipelines, SCA/SAST/DAST tooling, secure code review, non-human identity/API security programs, and threat modeling
- Build and maintain strong relationships with stakeholders, sharing threat intelligence and best practices; lead engagement with engineering teams to implement new systems and processes
- Deep familiarity with cloud-native security architecture to act as a deeply embedded partner to architecture and development teams
- Direct and approve the design of security systems including zero trust architecture, network segmentation, and identity security
- Drive offensive and defensive security operations including red teaming and blue team resilience
- End-to-end ownership of multi-faceted and distributed Vulnerability management programs, including prioritization frameworks and release gates tied to business risk
- Set vision and collaborate with senior management to define and ensure success of departmental strategy, including budget management
- Provide managerial direction and oversee all aspects of performance management for direct reports and teams
- Drive continuous improvement through after-action reviews, tooling optimization, and process automation
- Develop future leaders within the team that aligns with the people strategy. Build a management team bench capable of meeting the demands of rapid growth
- Serve as an escalation point for complex and high-level issues; provide direction and guidance to assist with resolution of issues and removing obstacles for security and stakeholder teams
- Work with the leadership to plan the strategic vision, organizational structure, operating policies, and procedures and management practices to ensure the department delivers operational excellence
- Act as a strategic partner to product, engineering, and other technical teams to embed security into the acquisition, management, and software development lifecycle
Requirements:
- Bachelor's degree in computer science, information security, engineering, or related field
- 15+ years of progressive experience in cybersecurity or engineering leadership with at least 5 years in SaaS cloud-native environments
- Proven track record of leading incident response, application security, or DevSecOps functions at enterprise scale
- Deep expertise in DevSecOps, cloud-native security, software engineering, and automation
- Demonstrated fiscal responsibility/accountability in managing budgets with a track record for consolidating tooling expenses
- Certifications such as CISSP, CISM, SANS/GIAC, CSSLP, OSCP
- Exceptional ability to design, implement, and prove security effectiveness through evidence-based testing and measurable outcomes
- Exceptional knowledge of automation CI/CD, SRE, and multi-cloud operating environments
- Up to 10% of travel time required