Principal Infrastructure Security Consultant

26-13623Onsite : San Antonio, TXInfrastructure Security ConsultantROLE OVERVIEWWe are seeking a Senior / Principal Infrastructure Security Consultant working on securing the firm's critical infrastructure. This individual will serve as a trusted advisor across network, cloud, endpoint, and data center security domains — translating business risk into actionable security architecture, policy, and roadmap decisions for a highly regulated financial services environment.KEY RESPONSIBILITIESAct as a strategic security advisor to the CIO and executive technology leadership team on infrastructure risk posture and investment prioritiesArchitect and assess security controls across on-premise data centers, hybrid cloud environments (AWS, Azure, GCP), and OT/network infrastructureLead threat modeling and risk assessments for critical infrastructure components including firewalls, IDS/IPS, SIEM, PAM, and endpoint security platformsDevelop and maintain security architecture standards, reference architectures, and hardening baselines aligned to NIST CSF, CIS Controls, and financial sector regulatory frameworks (FFIEC, SOX, PCI-DSS, DORA)Drive vulnerability management programs including continuous scanning, prioritized remediation, and executive reportingOversee Identity and Access Management (IAM) strategy including Zero Trust implementation, privileged access governance, and federated identityCollaborate with Cloud Security and DevSecOps teams to embed security into CI/CD pipelines and cloud-native deploymentsAdvise on Quantum-safe cryptography readiness and post-quantum migration planningLead incident response coordination for infrastructure-level breaches and participate in tabletop exercisesManage and mentor a team of infrastructure security engineers and analystsDevelop board-ready and CIO-level risk reporting, dashboards, and business cases for security investmentREQUIRED QUALIFICATIONS20+ years of experience in cybersecurity with 10+ years focused on infrastructure security architecture in complex enterprise environmentsDemonstrated experience advising C-suite and board-level stakeholders on security strategy, risk, and investmentDeep expertise in network security, zero trust architecture, cloud security (IaaS/PaaS), and endpoint protectionHands-on experience with security technologies including SIEM (Splunk/QRadar/Sentinel), PAM (CyberArk/BeyondTrust), EDR/XDR, and firewalls (Palo Alto/Fortinet/Cisco)Strong knowledge of financial services regulatory requirements: FFIEC, SOX, PCI-DSS, GDPR, and emerging DORA requirementsExperience with cloud security frameworks and tools: CSPM, CWPP, cloud-native security services (AWS Security Hub, Azure Defender, GCP SCC)Proficiency in risk frameworks: NIST CSF, ISO 27001, MITRE Telecommunication&CKBachelor's degree in computer science, Information Security, or related field; advanced degree preferredPREFERRED QUALIFICATIONSActive CISSP, CISM, CCSP, or equivalent certificationExperience with OT/ICS security and SWIFT infrastructure security controlsPrior experience in a Big 4, global consulting firm, or financial services technology organizationFamiliarity with AI/ML security risks and securing AI infrastructure deploymentsExperience with post-quantum cryptography planning and NIST PQC standardsKnowledge of IBM Security or equivalent enterprise security platform ecosystems