Director, Cybersecurity Engineering Job Description
We are more than a specialty finance company providing debt recovery solutions for consumers. We are a global team of over 4,000 employees whose daily mission is to empower consumers to begin their path towards financial recovery and build a better life for themselves and their families. We know that the only way to support this mission is by hiring exceptional people who bring a diversity of ideas, a collaborative spirit, and a passion for attaining breakthrough results. If you are results-driven, have a passion for helping others, and thrive in an innovative environment, this might be the right place for you!
The Director of Security Engineering and Architecture will have the opportunity to lead and grow a team of cybersecurity experts providing critical engineering, design, and integration services. The role will provide strategic direction for methodology, architecture, and business support as a leader in a global, fast-paced, and diverse organization. In this role you will manage our Security Architecture and Engineering functions, with a focus on designing a scalable approach to service delivery in support of the organization’s global growth. This will encompass supporting security assessments of infrastructure and applications, and defining security standards, developing and implementing security controls using Agile techniques.
The role will also provide security solutions around Applications, Infrastructure, Platform, and Cloud Services (IaaS/PaaS/SaaS). Must have an excellent track record and proven ability to produce effective, innovative solutions on an enterprise, global scale. Must continually evaluate the evolving cybersecurity industry to maintain currency and understanding of the latest innovations, technologies, and best practices.
- Lead, manage, mentor, and grow a team of security engineers and architects supporting a global corporation.
- Designs security reference architectures and associated security principles to support business projects, including necessary integration points across Encore
- Support assessments of critical security controls for the company’s cloud-based business applications and remediate security gaps
- Build template plans to assist with application migrations into different cloud deployment models.
- Evaluates designs and implements new cloud technology and processes to mature security controls.
- Designs and develop security architectures for the public, private, and hybrid clouds (Azure, AWS, GCP)
- Design and maintain and Application Security and software development lifecycle in conjunction with peer IT application and devops teams
- Work closely with Engineering, Infrastructure Services, and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the application environments
- Participates in the review of design principles and controls relating to third party solution providers.
- Facilitates design and deployment of orchestration and automation technologies to enable operational security teams to work more effectively
- 15+ years experience in security engineering, operations, governance, and compliance
- 8+ years of specific experience in cybersecurity engineering and architecture
- Practical security engineering background, with expert level knowledge of infrastructure security concepts including networking devices, identity services, web application security, encryption, penetration/vulnerability tools and endpoint security
- Demonstrated experience representing an organization's information security program in presentations and discussions with customers, partners and other external parties
- Broad technical security skills in multiple technology areas such as applications deployments, endpoints, data, infrastructure, cloud, DNS, PKI, Email, OS (Windows, MacOS, Linux), encryption, forensics, authentication, firewalls, proxies, identity and access control, BC/DR, remote access, and cryptography.
- Experience implementing controls and mitigating risks related to GDPR, ISO27001, SOC2 Type II, PCI, CCPA, FFIEC, and other information security and data privacy standards
- Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and digital forensics in AWS, Azure, O365, and Google Cloud
- Strong business sense with an ability to balance "business value" vs "security risk"
- Good communication skills with an ability to build strong narratives to highlight the importance of security to employees internally and customers/shareholders externally, including both technical and non-technical audiences
- Ability to engage and articulate with Executive Management, Legal, Risk, 3rd-party, and IT teams.
- Ability to develop and document methods, standards, and guidelines.
- Excellent oral and written communication skills.
- Professional certification in information security or compliance (for example, CISSP, CISM, or CISA) required
What We Offer
We understand the important balance between work and life, fun and professionalism, and corporation verse community. We strive to support your career aspirations and provide the benefits you need to live a more fulfilling life.
Our compensation and benefits programs were created with an 'Employee-First Approach' focused on supporting, developing, and recognizing YOU. We offer a wide array of wellness and mental health initiatives, support volunteerism, and environmental efforts, encourage employee education through leadership training, skill-building, and tuition reimbursements, and always strive to provide promotion opportunities from within.
All these things are just a small way to show our employees that we recognize their value, we understand what is important to them, and we reward their contributions.
Encore Capital Group and all of its subsidiaries are proud to be an equal opportunity employer and value diversity at our company. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application and/or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation at Talent@mcmcg.com.