Linux Security Lead

As the Linux Security Lead, you will own and drive a consistent and enforceable security posture across the firm's Linux fleet, building enforceable baselines, automated drift detection, and verified remediation patterns that scale across a hybrid on-premises and cloud environment. You will report directly to the Head of Infrastructure Security and serve as the technical authority for Linux hardening, operating within a sprint-based engineering discipline and working closely with the Linux Infrastructure team.

Specifically, you will:

- Own the Linux security baseline program end-to-end, including defining hardening intent per distribution and workload class (RHEL, Ubuntu, Amazon Linux), enforcing standards through Ansible and configuration management tooling, and driving continuous drift reconciliation.
- Build and operate automated drift detection workflows by translating desired state into enforcement, generating alerts with remediation paths, and reducing MTTR for high-risk deviations.
- Integrate Linux posture signals, including compliance state, vulnerability exposure, and audit telemetry, into broader access policy and detection pipelines.
- Partner with security automation teams to build scalable, version-controlled delivery patterns with validation and rollout safeguards.
- Maintain exception governance discipline, such as time-bounded exceptions with explicit ownership, compensating controls, and regular burn-down reviews.
- Drive verified vulnerability closure for Linux-specific exposure classes.
- Establish and embed Linux-specific secure engineering principles, such as least privilege daemons, immutable configuration patterns, kernel hardening, and audit telemetry standards, into engineering standards and peer review processes.
- Contribute to the firm's broader CIS Benchmark compliance posture, maintaining mappings to CIS Controls v8 and NIST CSF 2.0 for audit and regulatory defensibility.
What’s required

- 6+ years of experience in Linux system administration or security engineering, with at least 3 years focused on Linux security hardening and compliance in an enterprise environment.
- Demonstrated expertise with configuration management tooling, specifically Ansible, and infrastructure-as-code practices, including version control, peer review workflows, and pipeline-driven enforcement.
- Hands-on experience with CIS Benchmarks for Linux (RHEL, Ubuntu, or equivalent) and familiarity with the NIST Cybersecurity Framework (CSF 2.0) and STIG compliance frameworks.
- Proven ability to build and operate drift detection and reconciliation tooling, as well as experience with Qualys, CrowdStrike, or equivalent endpoint monitoring platforms.
- Working knowledge of Linux kernel security features such as SELinux or AppArmor, auditd, system hardening, privilege separation, and secure boot patterns.
- Experience operating in an engineering delivery model, specifically with sprint cadence, backlog prioritization, Definition of Done tied to verification, and peer review for high-impact changes.
- Strong collaboration skills with the ability to define and maintain explicit interfaces with adjacent teams and communicate posture risk clearly to technical and non-technical stakeholders.
- Commitment to the highest ethical standards.