Job
Description
At FourKites we have the opportunity to tackle complex challenges with real-world impacts. Whether it’s medical supplies from Cardinal Health or groceries for Walmart, the FourKites platform helps customers operate global supply chains that are efficient, agile and sustainable. Join a team of curious problem solvers that celebrates differences, leads with empathy and values inclusivity. We are seeking a Security Lead with a strong background in cloud infrastructure security, security operations, and compliance. The ideal candidate will provide technical leadership across multi-cloud environments (AWS and Azure), security frameworks (ISO27001, PCI DSS, SOC 2), and modern security tools while bringing experience in SOC operations, vulnerability management, and security governance. This leadership role requires someone who can build and direct security teams, implement robust security controls, manage security incidents, and ensure compliance with industry standards. The Security Lead must excel at developing, implementing, and maintaining a comprehensive suite of security policies and procedures that align with organizational objectives and regulatory requirements. What You’ll Be Doing Security Leadership Lead the security team to deliver effective security services across the organizationContribute to security strategy and roadmap aligned with business objectivesProvide technical guidance and mentorship to team membersServe as the security subject matter expert for managementDrive security maturity improvements based on industry best practicesLead security governance meetings and present security metrics to stakeholders Security Policy Framework Development & Management Lead the development, implementation, and maintenance of the organization's comprehensive security policy framework including:Identity and Access Management & Asset Management ProceduresAccess Control PolicyAcceptable Usage PolicyData Classification and Protection PoliciesInformation Security Management System (ISMS) ManualCloud Security Policy and Cyber Security PolicyCryptography and Key Management PolicyNetwork Security ProceduresApplication Security StandardsVulnerability Management ProceduresThird Party Security Standards and PoliciesSoftware Development Lifecycle ProceduresRisk Management ProceduresEnsure policies adhere to ISO27001 requirements and maintain the Statement of ApplicabilityOversee the development and maintenance of Standard Operating Procedures for IT, DevOps, Admin, Product Support, Application, and Information Security teamsLead regular reviews and updates of the Risk Register and security policies Multi-Cloud Security Implementation Lead the implementation and management of security architecture across AWS and Azure environmentsDesign and implement consistent security controls across multi-cloud platformsOversee WAF solutions to protect web applications from threatsDirect configuration and management of cloud security controls across cloud environmentsGuide implementation of container security measuresOversee cryptographic key management and security automationImplement cloud security best practices for both AWS and Azure Security Operations & Monitoring Lead SOC team to ensure efficient cybersecurity monitoring, incident response, and threat managementOversee implementation and management of SIEM solutionsGuide detection strategy and custom rule developmentEnsure effective incident response and threat managementCoordinate security incident management and response Business Continuity & Disaster Recovery Lead the development and maintenance of Business Continuity Plan and Disaster Recovery PlanCoordinate with stakeholders to ensure plans are regularly tested and updatedImplement backup policies and procedures to ensure data availability Governance, Risk & Compliance Act as the primary liaison for internal, external, and regulatory auditsLead compliance efforts for ISO27001, PCI DSS, and SOC 2Coordinate vendor risk management activitiesContribute to defining roles and responsibilities for ISMS, IT, and DevOps teamsLead preparation of documentation and evidence for compliance audits Physical & Environmental Security Guide development and implementation of physical and environmental security standardsOversee secure disposal processesCoordinate implementation of clear desk and clear screen procedures Vulnerability Management Lead the organization's vulnerability management programCoordinate vulnerability assessment and penetration testing initiativesOversee remediation effortsGuide risk assessments and threat modelingLead patch management implementation Security Awareness & Training Develop security awareness strategy and training programsCoordinate phishing simulation campaignsFoster security culture development initiativesStrong leadership and team coordination abilitiesTactical execution with ability to align security initiatives with business objectivesExceptional ability to develop clear, comprehensive, and effective security policiesStrong analytical, troubleshooting, and problem-solving skillsExcellent communication skills for collaborating with cross-functional teams and managementExperience working as security lead across multiple business unitsAbility to translate complex security concepts for non-technical stakeholdersProactive approach to identifying and addressing security challenges This leadership position offers the opportunity to lead security initiatives across multiple business entities while implementing cutting-edge security solutions and best practices. The role requires a candidate who can provide technical leadership and excel at developing and maintaining the comprehensive policy framework that governs the organization's security posture. Who You Are 6+ years of information security experience with focus on cloud security and security operationsExperience in a security leadership or team lead roleStrong hands-on experience with multi-cloud platforms (AWS and Azure) and their security servicesDemonstrated experience implementing security frameworks and maintaining certifications (ISO27001, PCI DSS, SOC 2)Proven track record in developing, implementing, and managing comprehensive security policiesBackground in security monitoring, incident response, and vulnerability managementExperience with container security and Kubernetes environmentsSecurity policy development and implementationSecurity team leadership and coordinationMulti-cloud security implementation (AWS and Azure)Security monitoring and SIEM implementation (Wazuh, CrowdStrike Falcon)Cloud security tools and WAF configuration (Reblaze, AWS WAF, Azure WAF)Container security (NeuVector, Kubernetes security controls)Vulnerability assessment and penetration testing coordinationIdentity and access management, implementing least privilege principlesSecurity automation and infrastructure as codeISO27001 Implementation experience will be a plusPCI DSS compliance expertise will be a plusSOC 2 compliance expertise will be a plusCloud security certifications (AWS Security, Azure Security) will be a plusSecurity certifications (CISSP, CISM)will be a plus Who we are: FourKites®, the leader in AI-driven supply chain transformation for global enterprises and pioneer of real-time visibility, turns supply chain data into automated action. FourKites’ Intelligent Control Tower™ breaks down enterprise silos by creating a real-time digital twin of orders, shipments, inventory and assets. This comprehensive view, combined with AI-powered digital workers, enables companies to prevent disruptions, automate routine tasks, and optimize performance across As the leader in AI-driven supply chain transformation, FourKites pioneered the Intelligent Control Tower™ powered by the world’s largest real-time visibility network. Our platform creates comprehensive digital twins of your supply chain with AI-powered digital workers to automate resolution, improve collaboration and drive outcomes across all stakeholders. Unlike traditional control towers, we enable true real-time execution and intelligent fulfillment, transforming both your supply and customer. Benefits Medical benefits start on first day of employment36 PTO days( Sick, Casual and Earned) , 5 recharge days, 2 volunteer days Home Office setups and Technology reimbursementLifestyle & Family benefits Annual Swags/ Festive SwagsOngoing learning & development opportunities ( Professional development program, Toast Master club etc.)
