Principal Infrastructure Security Consultant

26-13623

Onsite : San Antonio, TX

Infrastructure Security Consultant

ROLE OVERVIEW

We are seeking a Senior / Principal Infrastructure Security Consultant working on securing the firm's critical infrastructure. This individual will serve as a trusted advisor across network, cloud, endpoint, and data center security domains - translating business risk into actionable security architecture, policy, and roadmap decisions for a highly regulated financial services environment.

KEY RESPONSIBILITIES

• Act as a strategic security advisor to the CIO and executive technology leadership team on infrastructure risk posture and investment priorities
• Architect and assess security controls across on-premise data centers, hybrid cloud environments (AWS, Azure, GCP), and OT/network infrastructure
• Lead threat modeling and risk assessments for critical infrastructure components including firewalls, IDS/IPS, SIEM, PAM, and endpoint security platforms
• Develop and maintain security architecture standards, reference architectures, and hardening baselines aligned to NIST CSF, CIS Controls, and financial sector regulatory frameworks (FFIEC, SOX, PCI-DSS, DORA)
• Drive vulnerability management programs including continuous scanning, prioritized remediation, and executive reporting
• Oversee Identity and Access Management (IAM) strategy including Zero Trust implementation, privileged access governance, and federated identity
• Collaborate with Cloud Security and DevSecOps teams to embed security into CI/CD pipelines and cloud-native deployments
• Advise on Quantum-safe cryptography readiness and post-quantum migration planning
• Lead incident response coordination for infrastructure-level breaches and participate in tabletop exercises
• Manage and mentor a team of infrastructure security engineers and analysts
• Develop board-ready and CIO-level risk reporting, dashboards, and business cases for security investment

REQUIRED QUALIFICATIONS

• 20+ years of experience in cybersecurity with 10+ years focused on infrastructure security architecture in complex enterprise environments
• Demonstrated experience advising C-suite and board-level stakeholders on security strategy, risk, and investment
• Deep expertise in network security, zero trust architecture, cloud security (IaaS/PaaS), and endpoint protection
• Hands-on experience with security technologies including SIEM (Splunk/QRadar/Sentinel), PAM (CyberArk/BeyondTrust), EDR/XDR, and firewalls (Palo Alto/Fortinet/Cisco)
• Strong knowledge of financial services regulatory requirements: FFIEC, SOX, PCI-DSS, GDPR, and emerging DORA requirements
• Experience with cloud security frameworks and tools: CSPM, CWPP, cloud-native security services (AWS Security Hub, Azure Defender, GCP SCC)
• Proficiency in risk frameworks: NIST CSF, ISO 27001, MITRE Telecommunication&CK
• Bachelor's degree in computer science, Information Security, or related field; advanced degree preferred

PREFERRED QUALIFICATIONS

• Active CISSP, CISM, CCSP, or equivalent certification
• Experience with OT/ICS security and SWIFT infrastructure security controls
• Prior experience in a Big 4, global consulting firm, or financial services technology organization
• Familiarity with AI/ML security risks and securing AI infrastructure deployments
• Experience with post-quantum cryptography planning and NIST PQC standards
• Knowledge of IBM Security or equivalent enterprise security platform ecosystems