AVP - Information Security
Listed on 2026-07-08
-
IT/Tech
Cybersecurity, Systems Engineer
Overview
Serve as the senior technical execution and delivery leader within our global Information Security organization. Accountable for the full lifecycle of security solution design, build, and operation across a complex, regulated multinational environment encompassing both U.S. and European operations. Responsible for developing and maintaining PRA’s information security posture in a manner that supports and improves the business, is efficient and effective within PRA’s technology environment, and enables usability and productivity for PRA’s employees.
This is a hybrid role onsite 3 days per week, working in either our Norfolk, VA office or our Charlotte, NC office.
Professional Experience/Qualifications- Minimum of 12 years of progressive experience in information security, with significant hands-on technical depth across both architecture and engineering functions
- Minimum of 5 years in a senior leadership role with direct management of security architects, engineers, or equivalent technical practitioners
- Minimum of 5 years operating in complex, regulated enterprise environments (financial services, healthcare, or equivalent)
- Minimum of 2 years of direct, hands-on experience implementing AI or ML capabilities within a security operations or engineering context
- Working knowledge of LLM-based enrichment, ML-based anomaly detection, or AI-assisted investigation workflows
- Understanding of AI-related security risks: hallucination, bias, data leakage, and model governance and how to operationalize mitigations
- Demonstrated track record of leading end-to-end security platform delivery — from requirements through design, build, and production operations
- Prior experience engaging executive and board-level stakeholders on technical security risk
- Bachelor s Degree required Masters preferred in Computer Science, Information Systems, Engineering, or a related technical field required
- Active certification(s) from the following are preferred: CISSP, CISM, CCSP, GIAC (GCED, GCSA, or equivalent), or cloud security certification (AWS Security Specialty, AZ-500, or equivalent)
- Minimum of 5 years of security architecture experience, including design of reference architectures and security review governance
- Minimum of 3 years of hands-on cloud security engineering experience across one or more major providers (Azure, AWS, GCP)
- Minimum of 3 years of experience with identity and access management architecture, including PAM, MFA, and Zero Trust principles
- Minimum of 2 years of experience with application security and SDLC integration (SAST, DAST, SCA, secure code review)
- Working knowledge of SIEM, XDR, and SOAR platforms — including tuning, integration, and detection engineering
- Proficiency in one or more scripting languages applied to security automation is highly preferred:
Python, Power Shell, KQL, SQL, or REST API development - Candidates who can script automation workflows, parse and enrich security telemetry, or build detection logic programmatically will be strongly favored
- This capability is considered a meaningful differentiator and is expected to grow in importance as the team s automation maturity matures
- Minimum of 2 years of direct, hands-on experience implementing AI or ML capabilities within a security operations or engineering context
- Working knowledge of LLM-based enrichment, ML-based anomaly detection, or AI-assisted investigation workflows
- Understanding of AI-related security risks: hallucination, bias, data leakage, and model governance and how to operationalize mitigations
This role operates with delegated authority from the CISO in the following areas:
- Final decision-making authority on security architecture standards, reference architectures, and design patterns across cloud, identity, endpoint, application, and network domains
- Vendor and tooling selection authority for security platforms and engineering solutions, within established budget thresholds and in coordination with IT Architecture
- Architecture review approval and exception management — the Director is the…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).