Head of Security Engineering - Senior Vice President

About the Role

iCapital is looking for a Head of Security Engineering to lead and evolve our security engineering function within a regulated financial services environment. This role combines strong technical depth, hands-on operational capability, and team leadership, ensuring our security architecture, tooling, and processes are scalable, resilient, and aligned with regulatory expectations.

You will manage a team of security engineers while remaining actively engaged in technical problem-solving, including supporting incident investigations and shaping secure architecture. You will partner closely with Engineering, DevOps, Infrastructure, and Technology/Development teams to embed security across the software development lifecycle and cloud environments.

Responsibilities

Leadership & Team Management

• Lead, mentor, and develop a team of ~5 security engineers across multiple domains

• Define team priorities and execute against the security engineering roadmap

• Foster a culture of ownership, automation, and continuous improvement

• Partner with the CISO and senior stakeholders on strategy, reporting, and risk alignment

Security Architecture & Engineering

• Own and evolve the firm’s security architecture and technology stack, including:

• Cloud security (AWS/Azure/GCP, including CSPM/CNAPP)

• Identity & Access Management (IAM), SSO, and Privileged Access Management (PAM)

• SIEM, detection engineering, and logging architecture

• CASB / SaaS security controls

• Data protection (DLP, DSPM, encryption, key management)

• Network security (firewalls, segmentation, zero trust architecture)

• Design and implement secure, scalable, cloud-native architectures

• Evaluate, select, and rationalize security tools and vendors

Cloud & Infrastructure Security

• Define and enforce security standards across:

• Cloud environments (AWS/Azure/GCP)

• Containers and orchestration platforms (e.g., Kubernetes, Docker)

• Infrastructure as Code (Terraform, CloudFormation)

• Implement least privilege access models and zero trust principles

DevSecOps & Secure Development

• Work closely with Engineering and DevOps teams to:

• Embed security into CI/CD pipelines and Infrastructure as Code (IaC)

• Implement secure coding practices and secrets management

• Perform threat modeling and secure design reviews

• Champion DevSecOps principles and shift-left security practices

Automation & Engineering Excellence

• Drive security automation and orchestration (SOAR) to scale operations

• Utilize scripting and programming (e.g., Python, PowerShell, Bash) to:

• Automate workflows

• Integrate tools

• Enhance detection and response capabilities

Define and report on security KPIs and KRIs to the CISO and senior leadership

Qualifications

• 10+ years of experience in information security or security engineering

• Proven experience leading and managing technical security teams

• Strong hands-on expertise across:

• Cloud security (AWS/Azure/GCP)

• Identity and access management (IAM/PAM)

• SIEM and detection engineering

• Network and infrastructure security

• Data protection technologies (DLP, DSPM, encryption)

• Experience working closely with SOC teams and incident response

• Demonstrated ability to partner with engineering and DevOps teams

• CISSP (required)

• Additional certifications preferred:

• CCSP, AWS/Azure Security certifications

• GIAC (e.g., GCIA, GCIH) or equivalent

Key Skills & Attributes

• Strong balance of technical depth and leadership capability

• Hands-on, pragmatic approach with the ability to dive into details when needed

• Experience implementing Zero Trust architectures

• Proficiency in scripting/automation (Python, PowerShell, etc.)

• Strong understanding of threat detection and adversary tactics

• Excellent communication skills with the ability to influence stakeholders at all levels

• Experience operating in regulated financial services environments

• Strong verbal and written communication skills

• Fluent in Portuguese and English

Employees in this role will work fully remote. Every department has different needs, and some positions will be designated in-office jobs, based on their function.

Benefits

iCapital offers a comprehensive benefits package that includes a total compensation program consisting of competitive salary, annual performance bonus, and equity for all full-time employees; healthcare with 100% employer-paid health and dental insurance; and generous paid time off (PTO).

For additional information on iCapital Network, please visit https://www.icapitalnetwork.com/about-us Twitter: @icapitalnetwork | LinkedIn: https://www.linkedin.com/company/icapital-network-inc