AVP of Infrastructure Security

AVP of Infrastructure Security & Public Cloud About The Role We are seeking a seasoned AVP of Infrastructure Security & Public Cloud within a vast enterprise landscape. This pivotal role is responsible for the architecture, implementation, and management of core cloud security platforms that support Azure and GCP environments. Key areas include network security, identity and access management, secrets management, and firewall infrastructure. This position blends strategic product ownership with profound technical leadership. You will guide a team of proficient cloud and network engineers, establish technical standards, and champion automation across all infrastructure layers using DevSecOps principles and Infrastructure-as-Code. What You'll Do Develop and implement a comprehensive roadmap for enterprise cloud infrastructure security, ensuring alignment with architectural standards, regulatory mandates, and business objectives. Drive engineering efforts for cloud networking (VNets, VPCs, routing, peering, private endpoints, transit gateways) and perimeter security services (NGFWs, SASE, DNS, VPN). Manage enterprise identity and access management integrations, including Entra ID, managed identities, conditional access policies, and federation models. Supervise the design and governance of secrets management platforms like HashiCorp Vault or Azure Key Vault, ensuring secure credential storage, rotation, and lifecycle management. Apply zero-trust principles across cloud connectivity and access layers. Deploy automation pipelines using Terraform, GitHub Actions, and other CI/CD tools for consistent and auditable infrastructure provisioning. Lead the modernization of authentication and access solutions, incorporating passwordless technologies (FIDO2, Windows Hello for Business) and enforcing least-privilege access. Collaborate with cybersecurity, architecture, and compliance teams to address audit and regulatory remediation initiatives (e.g., PCI, SOX, NIST 800-53). Establish operational KPIs to monitor service uptime, delivery velocity, and control effectiveness. Manage and nurture a high-performing team of senior engineers, promoting a culture of technical excellence, accountability, and continuous improvement. What You Bring 10 years of progressive experience in infrastructure engineering, cloud security, or network security. 5 years of experience leading large technical teams or product groups within a complex, regulated environment. Extensive hands‑on expertise in Azure networking (VNets, NSGs, firewalls, ExpressRoute, Private Link) and related GCP networking concepts. Strong understanding of IAM, Entra ID, managed identities, and RBAC enforcement models. Practical experience with secrets management platforms (Azure Key Vault, HashiCorp Vault) and key rotation policies. Proven track record of designing and implementing secure multi‑cloud architectures through Infrastructure-as-Code (Terraform, GitHub Enterprise, CI/CD pipelines). Familiarity with modern perimeter and zero-trust architectures (SASE, ZTNA, segmentation). Exceptional communication and stakeholder management skills, with the ability to translate technical complexity into business impact. Nice to Have Certifications such as Azure Solutions Architect Expert, GCP Professional Cloud Architect, CISSP, or CISM. Experience in modernizing infrastructure security within large-scale financial or enterprise environments. Knowledge of container security (AKS/GKE), policy-as-code frameworks, and automation of compliance controls. Additional Information Seniority level: Mid‑Senior level Employment type: Full‑time Job function: Other Industries: IT Services and IT Consulting #J-18808-Ljbffr