Lead and evolve ARIVE’s security and infrastructure strategy, roadmap, and posture.
Lead, manage, and develop the existing security and infrastructure teams; serve as the executive-level decision maker on all security, infrastructure, and IT matters.
Partner across all teams to embed security into workflows and practices, champion secure-by-design standards, and assess emerging AI-driven threats and opportunities across the security landscape.
Lead the security of ARIVE’s core platform — ensuring protection of PII, mortgage data, and financial information at rest and in transit.
Govern application security standards including secure code reviews, SAST/DAST, API security, and penetration testing programs.
Govern authentication, authorization, and access control frameworks across all customer-facing and internal applications.
Drive threat modeling and security reviews for new features, integrations, and third-party connections.
Run a 24x7 security incident monitoring program across all platform, cloud, and endpoint environments.
Mature the SIEM/SOAR program, lead incident response across all severity levels, and drive automation to improve MTTD/MTTR.
Manage regular penetration tests, vulnerability assessments, and red-team engagements; track findings to closure.
Run and continuously improve ARIVE’s AWS cloud infrastructure, CI/CD pipelines, container orchestration, secrets management, and deployment automation across U.S. and India teams.
Govern environment segregation, access controls, promotion workflows, and platform reliability.
Define strategy to implement endpoint device and application protection enforcement, DLP, and enterprise security tooling standards across the organization.
Drive vulnerability scanning programs; maintain risk registers and remediation SLAs.
Run IT operations including identity/access management and internal tooling across U.S. and India.
Manage IT asset protection and lifecycle programs — procurement through secure disposal.
Partner with the Director of Compliance to execute SOC 2 controls implementation and support audit readiness.
Ensure GLBA and state privacy law adherence; lead vendor/third-party risk assessments and BC/DR planning.
Define scalable IT policies, standards, and onboarding/offboarding workflows in collaboration with HR, Finance, and Operations.

Requirements

15+ years of hands-on experience spanning cybersecurity, cloud infrastructure/DevOps, and IT operations, with 5+ years of leadership experience leading and scaling teams.
Proven track record building both a cybersecurity program and a cloud infrastructure/DevOps function at a high-growth company.
Deep proficiency with: AWS (IaC, multi-environment architecture), CI/CD pipelines, container orchestration, SIEM/SOAR, Zscaler, Intune, Kandji, EDR/AV, Google Workspace DLP, Okta/Auth0, GitHub Advanced Security, and Wiz.io.
Strong scripting/automation skills in Python, PowerShell, or Bash.
Experience with multi-environment deployment strategies, Sev-1/Sev-2 incident response, and SOC 2 Type II audit environments.
Experience securing distributed development teams across U.S. and offshore geographies.
Fintech or tech startup experience strongly preferred; familiarity with GLBA and financial services compliance a plus.
On the leading edge of AI technologies for security operations and infrastructure automation.
Exceptional communicator — equally effective presenting to the CEO and getting hands-on-keyboard with the team.
Bachelor’s in CS, Information Security, or equivalent experience. CISSP, GCIA, GCIH, OSCP, or AWS Solutions Architect certifications are a strong plus.

Benefits

Comprehensive health, dental, and vision
401(k)
flexible PTO

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecuritycloud infrastructureDevOpsincident responsevulnerability assessmentspenetration testingscriptingautomationsecure codingrisk management

Soft Skills

leadershipcommunicationcollaborationstrategic thinkingproblem-solvingteam managementdecision makingpresentation skillsadaptabilitymentoring

Certifications

CISSPGCIAGCIHOSCPAWS Solutions Architect