Sr. Lead Cyber Security

To Apply for this Job
Job Description:
Senior Lead, Cybersecurity

Location:Remote
Job Type: Contract-to-Hire (6 month contract to hire)
Work Authorization: U.S. Citizen or Green Card Holder
Compensation: $125K–$140K on conversion

The Senior Lead, Cybersecurity is the primary hands‑on technical leader responsible for building, maturing, and overseeing the organization’s cybersecurity operations. This role plays a critical part in safeguarding systems, data, and customers across a cloud‑native, SaaS‑integrated environment.

Initially functioning as an individual contributor, this leader will assess existing tools, build a holistic cybersecurity program, establish governance and processes, and later grow into managing a small security team. The ideal candidate brings a blend of deep technical expertise, program‑building experience, and familiarity with enterprise‑level security practices.

• Build, scale, and oversee a comprehensive cybersecurity program including governance, vulnerability management, threat modeling, data protection, Dev Sec Ops  processes, and security operations.

• Act as a trusted security advisor, supporting leadership in evaluating business decisions and risk tradeoffs.

• Create and maintain SOPs, compliance controls, and security documentation.

• Develop and track KPIs/KRIs to measure security posture and report to senior leadership.

• Lead incident response, vendor risk management, identity and access management, vulnerability management, and security awareness initiatives.

• Maintain hands‑on experience with cloud‑native environments (GCP preferred but not required) including identity, access management, container security, and serverless architectures.

• Design and review secure architectures for new products, services, and integrations.

• Ensure secure API usage, cross‑cloud data flows, and third‑party interconnectivity.

• Apply zero‑trust principles, secure SDLC practices, and infrastructure‑as‑code validation.

• Configure and optimize existing security tools such as SIEM, next‑generation firewalls, data protection platforms, IAM solutions, and monitoring tools.

• Conduct risk assessments and map controls to industry frameworks (NIST CSF, ISO 27001, CIS Controls).

• Enhance detection, response, and threat hunting using the MITRE ATT&CK framework.

• Oversee data governance including classification, encryption standards, and DLP.

• Serve as the primary escalation point for security issues.

• Operate as an individual contributor for the first ~12 months while building the foundation of the security function.

• Eventually lead a team of security analysts, driving a collaborative, business‑aligned security culture.

• Bachelor’s degree, or equivalent experience (minimum of 4 years in IT/security).

• 4+ years progressive IT or cybersecurity experience, including 2+ years as a direct practitioner.

• 1+ year of cybersecurity team leadership (formal or informal).

• Hands‑on experience with cloud security (GCP preferred) and cloud‑native architectures.

• Strong experience with SIEM platforms, endpoint security, IAM, and network protection (firewalls/load balancers).

• Proven ability to build or scale security programs within a growing organization.

• Excellent communication skills with the ability to translate technical risk into business terms.

• Must hold at least 2 of the following
  : CCSP, CISSP, CIPP (all three preferred).

• Ability to pass a 10-year background check.

• Must be legally authorized to work in the U.S.

• Experience in travel, retail, airline, or other highly regulated industries.

• Familiarity with API security, container security, microservices, and zero‑trust models.

• Experience influencing security uplift in distributed or matrixed organizations.

• Additional certifications such as CISM, CRISC, CCSK, CISA.

• May need to respond to high‑priority incidents outside normal working hours.

• Professional appearance and regular attendance required.

• Opportunity to build a…