Job Description
GSPANN is hiring a Security Delivery Manager to lead end-to-end enterprise security operations and programs. The role focuses on SOC operations, application and cloud security, vulnerability management, and driving measurable risk reduction across modern technology environments.

Role and Responsibilities

Operate and continuously improve a 24×7 Security Operations Center (SOC), covering alert triage, incident response, escalation management, and playbook development. Conduct post-incident reviews and root cause analysis, integrate threat intelligence feeds, and run purple team exercises aligned to the MITRE ATT&CK framework. Optimize detections to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), while maintaining operational dashboards and leading weekly and monthly performance reviews.

Implement and govern Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST) within CI/CD pipelines. Enforce security policy gates, manage Application Security Posture Management (ASPM), and track remediation SLAs and exploitability metrics. Build threat models using STRIDE and LINDDUN, and manage security controls across GitHub and GitLab.

Plan and execute penetration testing across web, API, mobile, cloud, and network assets. Lead red team and purple team exercises, and manage risk-based vulnerability programs using CVSS, EPSS, and Known Exploited Vulnerabilities (KEV). Oversee attack surface management, asset inventory hygiene, patch orchestration, and exception governance.

Establish AI/ML security controls, including prompt injection defenses, data leakage prevention, adversarial testing, and model integrity validation. Define usage policies for internal and external Large Language Models (LLMs), and implement logging, monitoring, and guardrails aligned with privacy requirements.

Manage Cloud Security Posture Management (CSPM), Cloud-Native Application Protection Platforms (CNAPP), and Cloud Infrastructure Entitlement Management (CIEM) across Azure, AWS, and GCP. Implement Kubernetes and container security, Zero Trust architectures, Infrastructure as Code (IaC) scanning, secrets management, and cloud hardening baselines. Develop cloud-native detection strategies and workload protection controls.

Enforce identity and access controls, including least privilege, Multi-Factor Authentication (MFA), Role-Based / Attribute-Based Access Control (RBAC / ABAC), and Privileged Access Management (PAM). Manage joiner, mover, and leaver lifecycles, data classification, encryption, and Data Loss Prevention (DLP) programs.

Align the security program with ISO 27001/27002, SOC 2, PCI DSS, and HIPAA (if applicable). Maintain risk registers, oversee control testing, support audits, manage remediation tracking, and handle security RFP/RFI responses.

Own the security services roadmap, quarterly OKRs, and budget management. Manage vendors and Statements of Work (SOWs), prioritize initiatives aligned to business goals, and lead war rooms for Sev-1 incidents. Translate security metrics into executive dashboards and provide proactive guidance to product and engineering teams.

Skills and Experience

Bachelor’s degree in Computer Science, Engineering, or equivalent; a Master’s degree is preferred.

12-15 years of experience in cybersecurity, with 6+ years leading SOC, Application Security, DevSecOps, or Vulnerability Management programs.

Strong hands-on experience across cloud security (Azure, AWS, GCP), Kubernetes, containers, microservices, and modern CI/CD platforms.

Industry certifications such as CISSP, CISM, CRISC, OSCP/OSWE/OSCE, CEH, CCSP, AZ-500, AWS Security Specialty, ISO 27001 LA/LI, or PCI ISA/QSA are desirable.

Excellent leadership, stakeholder communication, executive reporting, vendor management, analytical problem-solving, and change management skills.