About the Role
iCapital is looking for a Vice President, Cyber Cloud Security Engineer to join the Security Engineering team within the Information Security organization. This role will establish and manage cloud security programs, build new security architecture, drive automation, and continuously identify and address security gaps across iCapital technology landscape. The ideal candidate is a deeply technical individual contributor who can research, design, and implement security technologies, and collaborate effectively across teams and functions.
Responsibilities
- Build and manage Cloud Security Programs across AWS, Azure, and GCP infrastructure.
- Design, implement, and validate secure cloud infrastructure architectures, ensuring new capabilities meet established security standards and requirements.
- Apply Zero Trust architecture principles and best practices across cloud infrastructure design and access models.
- Drive continuous detection, remediation, and resolution of cloud vulnerabilities and security misconfigurations, leveraging CSPM tooling (e.g., AWS Security Hub, Wiz, or equivalent) and automation to continuously improve and maintain cloud security posture.
- Build automation capabilities for continuous monitoring and alerting across cloud infrastructure.
- Partner with engineering teams to drive the adoption of security standards and best practices, embedding security early across the development lifecycle and supporting a shift-left security culture.
- Collaborate with the SOC to develop and strengthen cloud detection engineering capabilities.
- Assist the Risk and Governance teams with the development and implementation of cloud-related policies, procedures, and standards.
- Engage with Platform, DevOps, and Software Engineering teams to deliver security initiatives and provide security guidance to projects across the organization.
Qualifications
- 6–10 years of experience in cloud environments, with AWS as the primary platform, including proven hands-on expertise in cloud security architecture and infrastructure design.
- Relevant cloud or security certifications are a plus (e.g., AWS Certified Solutions Architect, AWS Certified Security – Specialty, CISSP, or CCSP).
- Proficiency with AWS-native security services, including IAM, Config, KMS, Secrets Manager, CloudWatch, CloudTrail, and GuardDuty.
- Experience with cloud identity and access architecture, including federation (e.g., Okta), RBAC, ABAC, and service-to-service authentication models.
- Hands-on experience with Infrastructure as Code tooling such as AWS CDK, CloudFormation, or Terraform.
- Scripting proficiency in at least one language (e.g., Python, Bash) for automation and security tooling.
- Experience securing containerized workloads, including Docker and Kubernetes, with specific exposure to AWS EKS.
- Familiarity with how compliance frameworks such as NIST CSF, CIS AWS Benchmarks, ISO 27001, and SOC 2 apply to cloud security controls and infrastructure.
- Commitment to staying at the forefront of cloud security trends, emerging threats, and evolving technologies.
- Experience with version control, CI/CD pipelines, and issue tracking tools, including GitLab, GitLab CI, and Jira.
- Strong verbal and written communication skills.
- Able to influence stakeholders and drive tasks to completion.
Benefits
The base salary range for this role is $170,000 to $200,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO).
We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday.
iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.