To Apply for this Job Click Here

Job Description: Senior Lead, Cybersecurity

Location: Remote
Job Type: Contract-to-Hire (6 month contract to hire)
Work Authorization: U.S. Citizen or Green Card Holder
Compensation: $125K–$140K on conversion

Position Summary

The Senior Lead, Cybersecurity is the primary hands-on technical leader responsible for building, maturing, and overseeing the organization’s cybersecurity operations. This role plays a critical part in safeguarding systems, data, and customers across a cloud-native, SaaS-integrated environment.

Initially functioning as an individual contributor, this leader will assess existing tools, build a holistic cybersecurity program, establish governance and processes, and later grow into managing a small security team. The ideal candidate brings a blend of deep technical expertise, program-building experience, and familiarity with enterprise-level security practices.

Key Responsibilities

Security Leadership & Program Development

• Build, scale, and oversee a comprehensive cybersecurity program including governance, vulnerability management, threat modeling, data protection, DevSecOps processes, and security operations.

• Act as a trusted security advisor, supporting leadership in evaluating business decisions and risk tradeoffs.

• Create and maintain SOPs, compliance controls, and security documentation.

• Develop and track KPIs/KRIs to measure security posture and report to senior leadership.

• Lead incident response, vendor risk management, identity and access management, vulnerability management, and security awareness initiatives.

Cloud & Application Security

• Maintain hands-on experience with cloud-native environments (GCP preferred but not required) including identity, access management, container security, and serverless architectures.

• Design and review secure architectures for new products, services, and integrations.

• Ensure secure API usage, cross-cloud data flows, and third-party interconnectivity.

• Apply zero-trust principles, secure SDLC practices, and infrastructure-as-code validation.

Security Engineering & Threat Operations

• Configure and optimize existing security tools such as SIEM, next-generation firewalls, data protection platforms, IAM solutions, and monitoring tools.

• Conduct risk assessments and map controls to industry frameworks (NIST CSF, ISO 27001, CIS Controls).

• Enhance detection, response, and threat hunting using the MITRE ATT&CK framework.

• Oversee data governance including classification, encryption standards, and DLP.

Team Leadership & Future Management

• Serve as the primary escalation point for security issues.

• Operate as an individual contributor for the first ~12 months while building the foundation of the security function.

• Eventually lead a team of security analysts, driving a collaborative, business-aligned security culture.

Required Qualifications

• Bachelor’s degree, or equivalent experience (minimum of 4 years in IT/security).

• 4+ years progressive IT or cybersecurity experience, including 2+ years as a direct practitioner.

• 1+ year of cybersecurity team leadership (formal or informal).

• Hands-on experience with cloud security (GCP preferred) and cloud-native architectures.

• Strong experience with SIEM platforms, endpoint security, IAM, and network protection (firewalls/load balancers).

• Proven ability to build or scale security programs within a growing organization.

• Excellent communication skills with the ability to translate technical risk into business terms.

• Must hold at least 2 of the following: CCSP, CISSP, CIPP (all three preferred).

• Ability to pass a 10-year background check.

• Must be legally authorized to work in the U.S.

Preferred Qualifications

• Experience in travel, retail, airline, or other highly regulated industries.

• Familiarity with API security, container security, microservices, and zero-trust models.

• Experience influencing security uplift in distributed or matrixed organizations.

• Additional certifications such as CISM, CRISC, CCSK, CISA.

Work Environment & Expectations

• May need to respond to high-priority incidents outside normal working hours.

• Professional appearance and regular attendance required.

What Makes This Role Unique

• Opportunity to build a cybersecurity program from the ground up.

• High degree of ownership across tools, processes, and strategy.

• Pathway to grow into a leadership/management role as the security function expands.

• Highly visible role working across Engineering, Product, and Senior Leadership.

• Ideal for someone with enterprise exposure who wants to step into their first major lead role.

To Apply for this Job Click Here

Equal Employment Opportunity Statement
Gravity IT Resources is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other legally protected characteristic. All employment decisions are based on qualifications, merit, and business needs.