AVP, Security Engineer – Project Advisory, Information Security Services, Technology and Operations

About This Role

Seeking an experienced AVP to lead project advisory services, including threat modelling and risk assessments for key banking projects.

Responsibilities

• Conduct security risk assessments across business, application, and infrastructure initiatives.
• Perform threat modelling and recommend appropriate information security controls for key projects.
• Provide security advisory support throughout all phases of the project lifecycle.
• Carry out information security due diligence on third-party service providers, including on-site assessments where required.
• Clearly articulate identified risks and recommended controls to stakeholders, including senior management.
• Lead and drive the implementation of approved information security solutions.

Requirements

• Proven experience in system security reviews, security architecture assessments, or IT security audits.
• Broad experience in the information technology domain, preferably with exposure to information security, across areas such as AI, application architectures, cloud, containers, APIs, data platforms, and Microsoft 365.
• Demonstrated ability and willingness to work hands-on with emerging technologies and assess associated security controls.
• Relevant professional certifications (e.g., CISA, CISM, CISSP, GIAC) are advantageous.
• Working experience in performing system security reviews, security architecture reviews or IT security audits.
• Willingness to get hands on to explore new technologies and evaluate the controls.