Jobs · Information Technology · New York

Senior Director of Network Security – Engineering Lead

BNY · New York, NY · 2 wk ago
Information Technology$137k–$350k/yrFull-time

About the role

The Senior Director of Network Security – Engineering Lead role is located in New York City. This role involves owning engineering delivery for the network security portfolio across the enterprise, leading the end-to-end engineering lifecycle, driving network security & cloud engineering governance, and modernizing network security engineering through automation and standardization.

Responsibilities

  • Own Engineering delivery for the network security portfolio across the enterprise, including firewalls, IDS/IPS, secure web gateways, proxy, network access control (NAC), zero trust architectures, cloud security controls, and network threat detection solutions.
  • Lead the end-to-end engineering lifecycle from architecture and design through build, integration, and production rollout, ensuring solutions are secure-by-design, resilient, and scalable.
  • Ability to run formal lab validations for network security technologies (e.g., NGFW, SASE components, micro-segmentation), including design verification, performance testing, regression testing, and certification sign-off prior to production deployment.
  • Drive & uphold Network Security & Cloud engineering governance, delivery management, and prioritization using Agile practices and Jira (roadmaps, epics, stories, sprint planning, dependencies, and delivery metrics).
  • Build and lead a high-performing network security engineering organization with clear standards, reference architectures, reusable patterns, and strong collaboration across Network, Cloud, IAM, SOC, and application teams.
  • Define and monitor engineering health metrics (availability, performance, change failure rate, MTTR, policy compliance, capacity), partnering with operations and the SOC to improve platform reliability and detection efficacy.
  • Evaluate emerging technologies and vendor capabilities through proof-of-concepts and lab testing; provide recommendations that balance risk reduction, user experience, operational overhead, and total cost of ownership.
  • Partner on budget planning and vendor management for the engineering portfolio (licensing, support, hardware/cloud consumption), ensuring investments are aligned to roadmap commitments and production support needs.
  • Lead disciplined change management for engineering releases (implementation plans, test evidence, rollback procedures, stakeholder communications, and post-implementation validation) in partnership with operations and risk.

Requirements

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required; advanced degree preferred
  • 15+ years of experience in information security or related technology experience required; experience in the securities or financial services industry is a plus
  • 10+ years in network security engineering and/or platform engineering roles, including 5+ years leading teams and delivering enterprise-scale security platforms
  • Deep hands-on expertise with network security technologies such as NGFWs, IDS/IPS, WAF/proxy/SWG, NAC, VPN/remote access, segmentation, SASE components, and cloud-native network security controls
  • Proven ability to design, test, and certify solutions in a lab environment, producing implementation standards, test plans, evidence, and operational runbooks that support risk and regulatory expectations
  • Strong stakeholder management and communication skills, able to translate engineering tradeoffs into clear decisions, timelines, and risk-based outcomes
  • Proficiency with Jira for backlog management and delivery tracking (epics/stories, sprint planning, dashboards, and reporting); experience operating in Agile/DevOps delivery models
  • Experience with automation and modern engineering practices (e.g., AI, scripting, APIs, infrastructure-as-code, CI/CD) to improve consistency, speed, and auditability of network security changes

Qualifications

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required; advanced degree preferred
  • 15+ years of experience in information security or related technology experience required; experience in the securities or financial services industry is a plus
  • 10+ years in network security engineering and/or platform engineering roles, including 5+ years leading teams and delivering enterprise-scale security platforms
  • Deep hands-on expertise with network security technologies such as NGFWs, IDS/IPS, WAF/proxy/SWG, NAC, VPN/remote access, segmentation, SASE components, and cloud-native network security controls
  • Proven ability to design, test, and certify solutions in a lab environment, producing implementation standards, test plans, evidence, and operational runbooks that support risk and regulatory expectations
  • Strong stakeholder management and communication skills, able to translate engineering tradeoffs into clear decisions, timelines, and risk-based outcomes
  • Proficiency with Jira for backlog management and delivery tracking (epics/stories, sprint planning, dashboards, and reporting); experience operating in Agile/DevOps delivery models
  • Experience with automation and modern engineering practices (e.g., AI, scripting, APIs, infrastructure-as-code, CI/CD) to improve consistency, speed, and auditability of network security changes

Skills

  • Hands-on expertise with network security technologies such as NGFWs, IDS/IPS, WAF/proxy/SWG, NAC, VPN/remote access, segmentation, SASE components, and cloud-native network security controls
  • Strong stakeholder management and communication skills, able to translate engineering tradeoffs into clear decisions, timelines, and risk-based outcomes
  • Proficiency with Jira for backlog management and delivery tracking (epics/stories, sprint planning, dashboards, and reporting)
  • Experience with automation and modern engineering practices (e.g., AI, scripting, APIs, infrastructure-as-code, CI/CD) to improve consistency, speed, and auditability of network security changes

Benefits

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

Pay

The base salary for this position is expected to be between $136,500 and $350,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs.

Schedule

This position is at-will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors.

Similar jobs