Position Summary: Serve as the senior technical execution and delivery leader within our global Information Security organization. Accountable for the full lifecycle of security solution design, build, and operation across a complex, regulated multinational environment encompassing both U.S. and European operations. Responsible for developing and maintaining PRA's information security posture in a manner that supports and improves the business, is efficient and effective within PRA's technology environment, and enables usability and productivity for PRA's employees.
Holds direct management authority over Security Architects and Solutions Engineers and is the primary decision-maker for security architecture standards, platform selection, tooling strategy, and engineering execution. Working in close partnership with the CISO, IT Architecture, and Risk functions, the role translates enterprise security strategy into implementable, technically defensible controls that demonstrably reduce risk.
Professional Experience/Qualifications:
- Minimum of 12 years of progressive experience in information security, with significant hands-on technical depth across both architecture and engineering functions
- Minimum of 5 years in a senior leadership role with direct management of security architects, engineers, or equivalent technical practitioners
- Minimum of 5 years operating in complex, regulated enterprise environments (financial services, healthcare, or equivalent)
- Minimum of 2 years of direct, hands-on experience implementing AI or ML capabilities within a security operations or engineering context
- Working knowledge of LLM-based enrichment, ML-based anomaly detection, or AI-assisted investigation workflows
- Understanding of AI-related security risks (hallucination, bias, data leakage, and model governance) and how to operationalize mitigations
- Demonstrated track record of leading end-to-end security platform delivery - from requirements through design, build, and production operations
- Prior experience engaging executive and board-level stakeholders on technical security risk
- Bachelor's degree required, Master's preferred, in Computer Science, Information Systems, Engineering, or a related technical field
- Active certification(s) from the following are preferred: CISSP, CISM, CCSP, GIAC (GCED, GCSA, or equivalent), or cloud security certification (AWS Security Specialty, AZ-500, or equivalent)
Architecture & Engineering:
- Minimum of 5 years of security architecture experience, including design of reference architectures and security review governance
- Minimum of 3 years of hands-on cloud security engineering experience across one or more major providers (Azure, AWS, GCP)
- Minimum of 3 years of experience with identity and access management architecture, including PAM, MFA, and Zero Trust principles
- Minimum of 2 years of experience with application security and SDLC integration (SAST, DAST, SCA, secure code review)
- Working knowledge of SIEM, XDR, and SOAR platforms - including tuning, integration, and detection engineering
Scripting & Development (Highly Preferred):
- Proficiency in one or more scripting languages applied to security automation is highly preferred: Python, PowerShell, KQL, SQL, or REST API development
- Candidates who can script automation workflows, parse and enrich security telemetry, or build detection logic programmatically will be strongly favored
- This capability is considered a meaningful differentiator and is expected to grow in importance as the team's automation practice matures
AI & Automation (Core Requirement):
- Minimum of 2 years of direct, hands-on experience implementing AI or ML capabilities within a security operations or engineering context
- Working knowledge of LLM-based enrichment, ML-based anomaly detection, or AI-assisted investigation workflows
- Understanding of AI-related security risks (hallucination, bias, data leakage, and model governance) and how to operationalize mitigations
Job Description
AUTHORITY & DECISION RIGHTS:
This role operates with delegated authority from the CISO in the following areas:
- Final decision-making authority on security architecture standards, reference architectures, and design patterns across cloud, identity, endpoint, application, and network domains
- Vendor and tooling selection authority for security platforms and engineering solutions, within established budget thresholds and in coordination with IT Architecture
- Architecture review approval and exception management - the Director is the signing authority for security design approvals and risk-accepted exceptions
- Engineering team direction - full people-management authority over Security Architects and Solutions Engineers, including hiring, performance, and development
- Escalation authority for high-risk architectural decisions, with direct escalation path to the CISO and, where appropriate, IT Architecture leadership
- Advisory input into risk acceptance decisions owned by GRC, and into security requirements for business-initiated projects governed by IT Architecture
KEY RESPONSIBILITIES:
Security Architecture Leadership:
- Serve as the senior technical authority for Americas enterprise security architecture, setting standards across cloud, identity, endpoint, application, data, and network domains
- Direct the Security Architecture team in producing and maintaining reference architectures, patterns, and guardrails that enforce secure-by-design principles across the organization
- Lead architecture review governance - ensuring all material infrastructure, application, and platform changes receive security review prior to build, and that exceptions are documented with appropriate risk rationale
- Partner with IT Architecture and engineering leadership to embed security into the enterprise technology roadmap and ensure architecture consistency across the Americas environments
- Act as the technical escalation authority for high-risk architecture decisions and security incidents
Security Solutions Engineering & Delivery:
- Direct Solutions Engineers in the design, implementation, configuration, and operationalization of security platforms across the full security stack - SIEM/XDR, endpoint, identity, email, cloud security, and application security tooling
- Own platform lifecycle management: drive tool evaluation, proof-of-concept, deployment, integration, tuning, and continuous improvement for all security engineering solutions
- Establish and enforce engineering standards, integration patterns, and runbook documentation across all deployed security technologies
- Ensure security solutions meet operational SLAs for availability, performance, and resilience
AI-Driven Security & Automation:
- Lead the design and operationalization of AI-enabled and automation-first security capabilities, including AI-assisted alert triage, LLM-enriched investigation workflows, and ML-based behavioral detection
- Drive security automation strategy, reducing manual analyst workload through orchestration platforms (e.g., Torq, Tines, XSOAR, Logic Apps) and custom scripting
- Establish operational governance for AI use within security operations, including explainability standards, model drift monitoring, and data protection guardrails
- Skill up the architecture and engineering team on AI security concepts - both the use of AI as a security capability and the security implications of AI systems within the enterprise
Security Operations Integration:
- Drive measurable improvements in MTTD, MTTR, alert fidelity, and analyst efficiency through engineering-layer improvements to detection logic, data pipelines, and automation
- Lead detection engineering strategy aligned to adversary tradecraft (MITRE ATT&CK), ensuring coverage maps to the organization's actual threat landscape
- Oversee vulnerability intelligence, prioritization, and remediation tracking; ensure findings are triaged against real-world exploitability and business context
Risk, Compliance & Regulatory Alignment:
- Ensure technical controls support regulatory and audit requirements applicable to PRA Group's U.S. and European operations, including GLBA, NYDFS §500, SOX, GDPR, and relevant data protection frameworks
- Provide audit-defensible evidence and technical explanations during internal and external reviews; serve as the technical subject-matter expert during regulatory examinations
- Support risk acceptance and control exception processes with clear, data-driven technical rationale; coordinate closely with the GRC function
People Leadership & Talent Development:
- Directly manage Security Architects and Solutions Engineers - providing clear direction, performance feedback, development plans, and career growth opportunities
- Build and sustain a high-performing, engineering-first team culture grounded in automation, continuous improvement, and operational accountability
- Develop team capability in AI security, cloud security, and emerging threat domains to ensure readiness for the evolving threat and technology landscape
- Communicate complex technical risk clearly to executive audiences, including the CISO and, where required, Board-level stakeholders