Senior Director, Information Security Engineering

This job is with JLL, an inclusive employer and a member of my Gwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.

JLL empowers you to shape a brighter way .
Our people at JLL are shaping the future of real estate for a better world by combining world class services, advisory and technology for our clients. We are committed to hiring the best, most talented people  and empowering them to  thrive, grow meaningful careers and to find a place where they belong.  Whether you've got deep experience in commercial real estate, skilled trades or technology, or you're looking to apply your relevant experience to a new industry, join our team as we help shape a brighter way forward.
Senior Director, Attack Surface and Cloud Security Engineering

We are seeking a highly technical, strategic, and detail-oriented Senior Director of Cybersecurity Engineering to lead a specialized team dedicated to building the future of our automated defense. In this role, you will be responsible for the vision, architecture, and deployment of custom security automations that lessen manual toil, reduce our attack surface, and harden our cloud infrastructure.

The ideal candidate thrives in extremely dynamic environments and possesses the rare ability to bridge the gap between deep-tier engineering and executive strategy.

You are not just a manager; you are a builder who understands how to scale security through code, leveraging AWS and modern CI/CD patterns to stay ahead of an evolving threat landscape.

This position reports to the Head of Attack Surface Management and Security Architecture and is a part of the broader Global Attack Surface Management Team.

Primary Responsibilities

Strategic Leadership:  Define the roadmap for security automation and engineering, ensuring all custom-built tools align with the broader enterprise security strategy.

Team Empowerment:  Lead, mentor, and scale a high-performing team of security engineers and developers. Foster a culture of technical excellence and continuous learning.

Custom Automation Development:  Oversee the end-to-end lifecycle (design, dev, test, deploy) of custom security tooling, automated remediation workflows, and internal security products.

Cloud Security Architecture:  Direct the implementation of security controls within  AWS , ensuring that "Security as Code" is integrated into every layer of our cloud footprint.

CI/CD Governance:  Champion the integration of security into the Dev Ops pipeline, ensuring that automated scanning, linting, and policy-as-code are baked into the deployment process.

Operational Excellence:  Maintain high standards for code quality and documentation. Ensure all automations are resilient, observable, and easily maintainable.

Technical Communication:  Distill highly complex technical risks and architectural designs into clear, concise briefings for non-technical stakeholders and executive leadership.

Technical Communication:  Distill highly complex technical risks and architectural designs into clear, concise briefings for non-technical stakeholders and executive leadership.

Job Requirements
Leadership

Experience:

8+ years of experience leading technical teams, with a proven track record of delivering complex security or cloud engineering projects.

Technical Mastery:  Deep hands-on experience with  AWS services  (e.g., Lambda, IAM, Guard Duty, Cloud Trail) and modern development practices.

Automation & Dev:  Strong proficiency in at least one programming language (Python, Go, or similar) and a "developer-first" mindset toward security.

Pipeline Expertise:  Expert-level understanding of  CI/CD tools  (Git Hub Actions, Git Lab CI, Jenkins) and Infrastructure as Code (Terraform or Cloud Formation).

Organizational Prowess:  Exceptional organizational skills with the ability to manage multiple high-priority work streams in an environment that changes daily.

Communication:  Ability to articulate technical concepts with extreme clarity and brevity, whether in a deep-dive engineering review or a Board-level presentation.

This position does not provide visa sponsorship. Candidates must be authorized to work…