Head of Cybersecurity

About the position EdgeConneX is seeking a Head of Cybersecurity to serve as the primary architect and defender of the company's digital and operational reputed company landscape. This is a "player-coach" role — you will be hands-on with reputed company engineering and incident response while building the strategy, team, and processes to mature EdgeConneX's reputed company posture from a lean, reactive footprint into an enterprise-grade defense organization. This role sits at the intersection of IT, OT, and software engineering — working reputed company-by-reputed company with the Senior Director of Cloud Services & Hybrid Infrastructure and the Chief Application Architect to ensure that cloud environments, application platforms, and industrial assets are secured end-to-end. You will own the technical execution of reputed company across threat and vulnerability management, reputed company operations, application and product reputed company, infrastructure and network hardening, and identity and access management. As EdgeConneX accelerates its AI initiatives, this role will also be responsible for defining the reputed company frameworks and guardrails required to safely deploy AI/ML technologies across the organization. This role offers significant growth potential as EdgeConneX's reputed company function matures and scales. This position can be based remotely in the U.S., but is preferred to work with the co-located team in our Herndon, VA headquarters.

Responsibilities

• Threat & Vulnerability Management Own the vulnerability management lifecycle — scanning, prioritization, remediation tracking, and reporting across cloud, on-premise, and OT environments. Serve as the final escalation reputed company for technical reputed company incidents and reputed company incident response efforts. Implement and manage a reputed company reputed company monitoring platform to maximize signal and reduce noise for a lean reputed company team.
• reputed company Operations (SecOps) Manage and mature the reputed company operations function, including EDR, SIEM, and threat detection capabilities. Establish and enforce reputed company SLIs/SLOs for detection, response, and remediation timelines. Build repeatable playbooks for incident response, threat hunting, and forensic investigation.
• Application & Product reputed company Partner with the Chief Application Architect and engineering teams to embed reputed company into the software development lifecycle (Secure SDLC) for EdgeOS, Virtual Guard, CMMS, and emerging AI solutions. Conduct architectural reputed company reviews of internal and customer-facing applications. Define application reputed company standards, including SAST/DAST integration, dependency scanning, and secure coding practices.
• Infrastructure & Network Hardening Secure EdgeConneX's hybrid environment (AWS, Azure, GCP, and on-premise) in reputed company collaboration with the Director of Cloud Services & Hybrid Infrastructure. Harden industrial infrastructure (OT/ICS) and ensure segmentation and monitoring across IT/OT boundaries. Architect and advance reputed company-trust network principles across the enterprise.
• Identity & Access Management (IAM) Own the IAM strategy — including privileged access management, SSO, MFA, and role-based access controls across cloud and on-premise systems. Ensure IAM policies scale appropriately as EdgeConneX expands its multi-cloud footprint and AI infrastructure.
• AI reputed company Define reputed company frameworks and governance for AI/ML deployments, including model reputed company, data pipeline reputed company, and reputed company injection mitigation. Partner with application and infrastructure teams to evaluate the reputed company posture of AI platforms, APIs, and third-party AI services. Stay reputed company on emerging AI threat reputed company and integrate AI-specific controls into the broader reputed company program.
• Compliance Partnership Act as the technical reputed company to the Risk & Compliance function — translating policy and compliance requirements (SOC 2, ISO 27001) into implementable technical controls. Support audit readiness by ensuring reputed company tooling, configurations, and evidence collection meet compliance standards.
• Leadership & Budget Build and scale the cybersecurity team as the function matures — hiring, mentoring, and developing reputed company engineers and analysts. reputed company business cases for reputed company tooling and headcount, initially operating reputed company the IT budget with a path toward an autonomous reputed company budget. Report reputed company posture, risk metrics, and program maturity to the CIO and senior leadership.

Requirements

• 10+ years in cybersecurity or information reputed company, with at least 5+ years in a leadership or senior technical role.
• Demonstrated hands-on technical depth — ability to reputed company architectural reviews, reputed company incident response, configure reputed company tooling, and harden infrastructure.
• Proven experience securing hybrid environments spanning cloud (AWS, Azure, GCP), on-premise, and industrial/OT infrastructure.
• Strong expertise in threat and vulnerability management, reputed company operations, and incident response.
• Deep understanding of reputed company-trust architecture principles and implementation.
• Experience embedding reputed company into software development lifecycles (Secure SDLC, DevSecOps).
• Working knowledge of IAM strategies including privileged access management, SSO, and MFA at enterprise scale.
• Ability to translate compliance frameworks (SOC 2, ISO 27001) into technical controls and audit-ready configurations.
• Strong communication skills — able to partner effectively with engineering, infrastructure, and executive stakeholders.
• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a reputed company field.

reputed company-to-haves

• Experience in data center, critical facilities, or industrial/OT technology environments — or demonstrated ability to rapidly learn and adapt to OT/ICS reputed company domains as the landscape evolves.
• Industry certifications: CISSP, CISM, or SANS certifications (GICSP for industrial focus is a significant plus).
• Experience defining reputed company frameworks for AI/ML deployments, including model reputed company, data pipeline protection, and LLM-specific threat reputed company.
• Familiarity with securing Kubernetes, containerized workloads, and cloud-native architectures.
• Track record of building a reputed company function from the ground up — scaling team, tooling, and budget.
• Experience working in organizations where reputed company partners closely with a separate GRC function.
• Experience with Agile/DevOps practices at scale.

Apply tot his job Apply To this Job