The Cybersecurity Manager (Architecture & Engineering) leads the design, implementation, and continuous improvement of ACMobility's cybersecurity architecture and infrastructure security controls.
The role ensures security is integrated across cloud, network, endpoint, identity, application, and OT environments, aligned with business goals, regulatory requirements, and industry best practices.
It requires a highly technical professional with strong expertise in security architecture, cloud, network, and security engineering, capable of both strategic leadership and hands-on execution.
Key Responsibilities
- Design and maintain enterprise security architecture aligned with business and operational needs, ensuring secure-by-design across infrastructure, cloud, applications, and networks
- Define security standards, baselines, and hardening guidelines; lead initiatives such as Zero Trust, IAM, segmentation, firewall, WAF, and VPN
- Secure multi-cloud and hybrid environments (AWS, Azure, GCP, Alibaba, Huawei), including infrastructure hardening and vulnerability management
- Oversee security monitoring, SIEM, EDR, logging, incident response, and technical remediation of security issues
- Conduct security risk assessments, architecture reviews, and ensure compliance with NIST, ISO 27001, CIS, and Data Privacy Act
- Support vendor risk reviews, audits, and cybersecurity policy enforcement
- Provide technical leadership, mentor teams, and collaborate with IT, engineering, and business units
- Present security risks and remediation plans to stakeholders and support security awareness initiatives
Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or equivalent field
- 7–10 years of experience in cybersecurity, infrastructure security, network security, or security engineering
- At least 5 years of hands-on cybersecurity experience in enterprise environments
- Strong experience in cloud security (AWS, Azure, GCP, or equivalent platforms)
- Experience leading or managing at least one real incident response engagement
- Experience in regulated industries such as financial services, healthcare, automotive, or similar environments
- Strong understanding of:
- Security operations and monitoring
- Incident response and threat management
- Security architecture principles
- DevSecOps and cloud-native security
- Identity and access management
- Experience working with enterprise security tools, vendors, and technology platforms
Framework Knowledge
- NIST Cybersecurity Framework (NIST CSF)
- ISO/IEC 27001
- CIS Benchmarks
- Zero Trust Architecture principles
Preferred Certifications (at least three)
- CISSP
- CISM
- CCSP
- AWS Certified Security – Specialty
- Microsoft AZ-500 or SC-200
- OSCP
- Cisco / Fortinet / Palo Alto security certifications
- GIAC certifications (GCIH, GCIA, GCFE, etc.)
- CompTIA CySA+ or PenTest+
- TOGAF or SABSA
