×
Register Here to Apply for Jobs or Post Jobs. X

AVP, AWS Security Engineer

Job in Fort Mill, York County, South Carolina, 29715, USA
Listing for: LPL Financial Holdings, Inc.
Full Time position
Listed on 2026-06-28
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Information Security
Job Description & How to Apply Below
Where Ambition Meets Innovation

Build a career that matches all your initiative with an impressive dose of innovation. From cutting-edge resources and a collaborative environment to the freedom to make an impact and more, you'll find the ingredients you need at LPL Financial to shape your success while helping clients pursue their financial goals.

At LPL, security is everyone's responsibility - and the Security & Governance pod within our Cloud Center of Excellence is where that responsibility becomes a property of our AWS landing zone. As AVP, Security & Governance, you raise LPL's cloud security posture to meet the standards of our enterprise Information Security organization and the application and infrastructure teams shipping into the landing zone.

Security & Governance is involved in every aspect of CCOE, so you partner closely with the Network Engineering pod within Foundations and collaborate with every other CCOE team and pod. You codify controls in Security Hub CSPM and AWS Config (including custom conformance packs), partner with Security Engineering on Wiz signal, and support our enterprise vulnerability management team - all while staying hands-on in AWS and Terraform.

If you'd rather codify a control once than chase it ten times, and want to operate as the security partner to every engineering team in our cloud, this is your seat.

Job Overview:

As the AVP, AWS Security Engineer, you are a hands-on senior cloud security engineer in the Security & Governance pod within the Foundations team in LPL's Cloud Center of Excellence (CCOE). At LPL, security is everyone's responsibility, and Security & Governance is involved in every aspect of CCOE - so you partner closely with the Network Engineering pod within Foundations and collaborate with every other team and pod across CCOE (Foundations, Platforms, Containers, Support, Delivery) to raise our cloud security posture to meet the standards of LPL's enterprise Information Security organization and the application and infrastructure teams delivering into our AWS landing zone.

You codify controls today in Security Hub CSPM and AWS Config - including custom conformance packs - and you help adopt additional control-management systems as the landscape evolves. You partner with the Security Engineering team within LPL's Information Security organization (a peer of Security Architecture), which manages Wiz, to jointly monitor Wiz signal and drive resolution of Wiz findings; you separately drive resolution of Security Hub findings within CCOE (the two often diverge).

You support LPL's enterprise vulnerability management department on cloud-workload findings rather than owning vulnerability management end-to-end, and you contribute directly to the Account Factory for Terraform (AFT) foundational base layer so security baselines are codified into the platform. LPL is an AWS-first CCOE: a multi-account landing zone with 100+ private reusable Terraform modules that enable 60+ AWS services, all delivered through Terraform Cloud and Git Hub Actions.

You spend the majority of your time hands-on in Terraform, security-findings triage, control authoring, and incident response across LPL's US offices and India Global Capability Center (GCC).

Responsibilities:
  • Codify and continuously improve LPL's cloud control library
    - Security Hub CSPM as today's AWS-native control system, AWS Config with custom conformance packs to express controls as code, and additional control-management systems as the landscape evolves - and triage, investigate, and drive resolution of Security Hub findings within CCOE
  • Partner with the Security Engineering team within LPL's enterprise Information Security organization (a peer of Security Architecture), which manages Wiz, to jointly monitor Wiz signal and drive resolution of Wiz findings, recognizing that Wiz and Security Hub findings frequently diverge
  • Contribute directly to the Account Factory for Terraform (AFT) foundational base layer - security-control modules, Service Control Policies, AWS Config conformance packs, and reference patterns - so the secure-by-default posture is a property of the platform every account inherits
  • Support LPL's enterprise vulnerability management department on cloud-workload findings: assist with triage, prioritization, and remediation guidance for findings that originate in or affect AWS, without owning vulnerability management end-to-end
  • Operate as the security & governance partner across every CCOE team and pod
    - Foundations (Fin Ops, Functional Design Engineering & Strategy, Network Engineering, Monitoring), Platforms, Containers, Support, and Delivery - since Security & Governance is involved in every aspect of CCOE; embed security and governance review into design, code, and delivery touchpoints
  • Partner closely and day-to-day with the Network Engineering pod within Foundations (VP, AVP, and engineers) on shared network-security controls: segmentation and micro-segmentation, ingress/egress inspection, encryption in…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary