Lead in tactical and strategic design and implementation of control sets for emerging technologies.
Delegating action and keeping senior stakeholders aligned.
Scope and own execution of assessments performed by third party consultants, ensuring remediation is adequately negotiated and ultimately enacted by other technology teams.
Reviewing target architecture designs, ensuring any security risks are understood and documented.
These changes include application updates, and modifications to network and identity provider configurations.
Reviewing security policies, standards, procedures, and metrics, and participating in security monitoring use case design.
Owning the continuous optimization of team workflows with the help of agentic technology and scrum tooling

Requirements

A minimum of 5 years of effective experience building and assessing enterprise systems.
Deep conceptual understanding of AWS and Azure, and their identity platforms.
Strong understanding of OAuth, OIDC, and modern access control.
Fluidity in designing and reviewing authorization flows.
Strong familiarity with adversary tradecraft, including identity and network perimeter attack primitives.
Able to produce PoC attack sequences, for controls testing.
Prior offensive security experience, or hands on offensive security certification strongly preferred.
Ability to accurately, and pragmatically threat model business workflow, identifying the areas of control required, and documenting them.
AI-first mindset; able to identify and act upon opportunities to automate analysis and administrative tasks, while improving the quality of assessment output.
Effective communicator, both in writing and speaking.
Strong organizational skills, with a proactive approach to enhancing team processes and tools.
Strong scripting or automation skills (Python, Go, PowerShell).
Understanding of security compliance frameworks (e.g., ISO 27001, NIST, SOC 2).

Benefits

Hybrid Work Environment: 2 to 3 days a week in office required based on your line of business and location
A Culture of Learning & Mobility: Dedicated trainings, leadership development and mentorship programs designed to ensure that your time at Fitch will be a continuous learning opportunity
Investing in Your Future: Retirement planning and tuition reimbursement programs that empower you to achieve your short and long-term goals
Promoting Health & Wellbeing: Comprehensive healthcare offerings that enable physical, mental, financial, social, and occupational wellbeing
Supportive Parenting Policies: Family-friendly policies, including a generous global parental leave plan, designed to help you balance career and family life effectively
Inclusive Work Environment : A collaborative workplace where all voices are valued, with Employee Resource Groups that unite and empower our colleagues around the globe
Dedication to Giving Back: Paid volunteer days, matched funding for donations and ample opportunities to volunteer in your community

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AWSAzureOAuthOIDCPythonGoPowerShellsecurity compliance frameworksISO 27001NIST

Soft Skills

effective communicatorstrong organizational skillsproactive approachability to threat modelteam workflows optimizationstrategic designdelegationstakeholder alignmentcontinuous improvementautomation mindset

Certifications

offensive security certification