Key Responsibilities
AI Transformation & Automation (Core Mandate)
- Champion the AI transformation of the infrastructure and network security function with a clear mandate: identify, build, and deploy AI agents that eliminate manual toil and scale team productivity by 10x
- Inventory every manual and repetitive workflow across the platform portfolio—vulnerability triage, scan scheduling, PAM access reviews, asset reconciliation, segmentation policy recommendations, compliance evidence gathering, executive reporting—and build an AI automation roadmap to systematically replace them
- Build and maintain AI agents that perform work traditionally done by analysts: triaging vulnerability findings with risk-based prioritization, generating micro segmentation policy recommendations based on traffic analysis, automating privileged access certifications, and producing cyber hygiene dashboards and reports
- Design AI agent architectures that integrate with the team's platform portfolio (Qualys, Guardicore, Axonius, PAM, Cisco Secure Access) to ingest data, reason over findings, and take or recommend actions
- Transform the team's operating model from manual operators to AI engineers—team members should spend the majority of their time building, tuning, and supervising AI agents rather than performing repetitive tasks
- Establish quality gates, validation workflows, and human-in-the-loop checkpoints to ensure AI agent outputs meet accuracy and compliance standards before action is taken
- Measure and report on AI transformation progress: percentage of workflows automated, time saved per workflow, agent accuracy rates, and overall team productivity multiplier
Hands-On Technical Execution & Engineering
- Own and operate the team's security platform portfolio: micro segmentation (Guardicore), ZTNA/SASE (Cisco Secure Access), vulnerability management (Qualys VMDR), privileged access management (PAM), asset intelligence (Axonius), email security, and database security platforms
- Architect and implement network security solutions including segmentation strategies, ZTNA policies, secure access configurations, and least-privilege network controls
- Drive the cyber hygiene program including vulnerability scanning, patch validation, configuration compliance, and asset inventory accuracy—increasingly through AI agents rather than manual processes
- Manage and optimize micro segmentation policies to enforce least-privilege network access across production and corporate environments
- Design and maintain PAM architectures including vault configuration, session recording, credential rotation, and privileged account lifecycle management
- Leverage Axonius to maintain comprehensive asset visibility, identify coverage gaps across security tooling, and drive cyber hygiene accountability
- Troubleshoot complex technical issues across the platform portfolio and drive vendor escalations to resolution
Team Leadership & Development
- Build and lead a high-performing infrastructure and network security team
- Develop team capability through pairing on technical work, not just delegating—coach team members while solving problems together
- Drive the team's evolution from platform operators to AI-augmented security engineers who build and maintain the agents that do the operational heavy lifting
- Know when to roll up your sleeves and execute directly versus when to invest time developing someone else's skills
- Establish clear platform ownership and accountability across team members while maintaining technical quality standards
- Drive hiring, onboarding, and performance management—with a strong preference for candidates who can build AI agents and automation, not just operate platforms manually
Strategic Program Execution
- Drive execution of the infrastructure and network security roadmap including platform upgrades, AI agent deployments, capability enhancements, and tool consolidations
- Develop detailed project plans with milestones, dependencies, and resource allocation—proactively, not upon request
- Lead multiple concurrent strategic initiatives (e.g., micro segmentation expansion, PAM maturity, Qualys coverage optimization, ZTNA migration, AI agent rollout) while maintaining velocity and quality
- Remove blockers and drive decisions quickly to maintain momentum
- Partner with IT, DevOps, and application teams to ensure security is embedded into infrastructure design and change management processes
Cyber Hygiene & Asset Management
- Own the enterprise cyber hygiene program: vulnerability management lifecycle, patch compliance tracking, configuration drift detection, and security baseline enforcement—with AI agents handling the bulk of triage, prioritization, and reporting
- Drive accountability for remediation SLAs across technology teams using data from Qualys and Axonius, with AI-generated escalation recommendations and trend analysis
- Maintain authoritative asset inventory through Axonius, ensuring coverage and accuracy across endpoints, servers, cloud workloads, and network devices
- Produce executive-level reporting on cyber hygiene posture, vulnerability aging, and remediation trends—increasingly auto-generated by AI agents with human review
- Support audit and compliance activities related to infrastructure and network security controls (FFIEC, PCI DSS, GLBA)
Required Qualifications
Technical Knowledge
- Deep expertise in network security architecture including micro segmentation, ZTNA/SASE, firewalls, email security, and network access control
- Strong hands-on experience with vulnerability management platforms (Qualys or equivalent) including scan configuration, asset grouping, reporting, and remediation workflows
- Experience with privileged access management solutions (CyberArk, BeyondTrust, Delinea, or equivalent) including vault architecture, session management, and credential rotation
- Familiarity with asset intelligence and cyber asset management platforms (Axonius or equivalent) for coverage gap analysis and security hygiene enforcement
- Working knowledge of database security platforms and controls including activity monitoring, access controls, and encryption
- Strong working knowledge of enterprise networking (routing, switching, VLANs, SD-WAN) and how security integrates at each layer
- Understanding of AI/LLM agent architectures, prompt engineering, and automation orchestration platforms—enough to design, build, or direct the build of AI agents that integrate with security platforms via APIs
- Understanding of banking compliance frameworks (FFIEC, GLBA, PCI DSS) as they relate to network and infrastructure security controls
Required Focus Areas
- AI-Driven Security Operations: Building and deploying AI agents that automate security workflows at scale—vulnerability triage, policy recommendations, access reviews, compliance evidence gathering, and executive reporting. Experience designing agent architectures that integrate with security platforms, establishing validation and human-in-the-loop frameworks, and measuring automation ROI. This is the defining capability of this role.
- Zero Trust & Network Segmentation: Designing and implementing zero trust frameworks including micro segmentation, least-privilege network access, continuous verification, and SASE/ZTNA architectures. Experience translating zero trust principles into practical network policies and enforcement points.
- Vulnerability Management & Cyber Hygiene: Hands-on experience owning enterprise vulnerability management programs end-to-end—scan operations, risk-based prioritization, remediation tracking, SLA enforcement, and executive reporting. Experience driving accountability for cyber hygiene outcomes across technology teams.
- Privileged Access & Database Security: Experience designing and operating PAM solutions including vault architecture, credential management, session recording, and just-in-time access. Familiarity with database security controls including activity monitoring and access governance.
Leadership Competencies
- Ability to switch rapidly between deep technical work, AI agent development, and strategic leadership conversations
- Judgment about when to do the work yourself (speed, complexity, teaching opportunity) versus when to delegate—and increasingly, when to build an AI agent to do it permanently
- Track record of staying technically sharp while managing people and projects
- Bias for action with ability to make decisions quickly and implement them directly when needed
- Comfortable with ambiguity and able to create structure through hands-on execution
- Ability to inspire a team to embrace AI transformation—not as a threat to their roles, but as the path to operating at a level that would otherwise be impossible
Work Environment & Expectations
- This is a demanding hybrid technical leadership role that requires commitment and engagement beyond standard business hours when operational needs arise.
- You will be in the technical weeds—configuring segmentation policies, troubleshooting PAM integrations, building AI agents to automate vulnerability triage, driving remediation—while also building and leading a team. This is not a pure management role.
- AI transformation is not a side initiative—it is a core expectation. You will be measured on your ability to systematically replace manual workflows with AI agents and demonstrate measurable productivity gains across the team.
- The pace of work is fast and the volume is high. You need to move quickly between technical execution, AI agent development, team coaching, vendor escalations, and leadership updates—often on the same day.
- Success requires knowing when to roll up your sleeves and build something yourself, when to invest time developing team capability, and when to build an AI agent so nobody has to do that task again. All three are necessary.