Objective: (summary about the position)Seeking a highly experienced Security Lead Engineer to lead the design, implementation, and continuous improvement of cybersecurity measures across our hybrid environment. This role requires overseeing infrastructure, application, and cloud security; managing threat detection and response systems; guiding the security posture of internally developed software; and ensuring regulatory compliance through GRC frameworks. The ideal candidate brings technical depth, leadership capabilities, and a proactive mindset to protect our digital assets and business operations.Responsibilities: 1. Security Architecture & Strategy Design, integrate, and maintain end-to-end security architecture for on-premises and cloud environments. Ensure secure network topology including segmentation, access control, and VPN tunnels. Lead development and enforcement of security policies, procedures, and best practices. Work closely with developers and IT architects to embed security into application and infrastructure design. 2. SOC, SIEM, and Threat Management Oversee the operation and tuning of Security Operations Center (SOC) including SIEM platforms. Manage endpoint protection through EDR and threat-hunting solutions. Manage and enhance email security systems to protect against phishing, malware, and spam, ensuring compliance with organizational security policies. Lead incident response efforts and develop threat prevention strategies. 3. Application and Cloud Security Supervise vulnerability scanning and penetration testing for internally developed applications. Lead WAF deployment and optimization to protect business-critical web applications. Implement security best practices and policy enforcement across multi-cloud environments 4. Governance, Risk & Compliance (GRC) Drive cybersecurity-related compliance programs (e.g., SOC 2 Type 2, ISO 27001). Lead cross-functional GRC initiatives and support internal/external audits. Manage security risk assessments and recommend mitigation strategies. 5. Documentation & Collaboration Maintain detailed documentation for security controls, policies, systems, and incidents. Plan and conduct quarterly security awareness sessions to educate staff on emerging cyber threats, security best practices, and the organization's security policies. Work collaboratively with software engineers, network teams, DevOps, and business units.