As a part of the global industrial organization Marmon Holdings—which is backed by Berkshire Hathaway—you’ll be doing things that matter, leading at every level, and winning a better way. We’re committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone’s empowered to be their best.
Key Responsibilities
Infrastructure Security Architecture
Define and implement enterprise infrastructure security strategy
Design controls across endpoints, servers, and enterprise environments
Drive Zero Trust principles (device trust, least privilege, continuous validation)
EDR / XDR & Endpoint Security
Lead implementation and optimization of:
EDR/XDR solutions (Defender, SentinelOne, CrowdStrike, etc.)
Define:
Detection use cases
Response playbooks
Threat hunting practices
Continuously improve threat detection coverage and response effectiveness
Vulnerability Management (Core Function)
Lead end-to-end vulnerability management lifecycle
Discovery → Prioritization → Remediation → Reporting
Manage tools like:
Qualys / Nessus / Defender VM
Implement:
Risk-based prioritization
SLA-driven remediation tracking
Provide executive dashboards on vulnerability posture
Patch Management & Compliance
Own enterprise patch management strategy
Ensure:
Timely OS & application patching
Compliance tracking and reporting
Collaborate with infra teams for minimal disruption with maximum coverage
Security Ratings & External Risk (BitSight)
Manage and monitor BitSight / external security rating platforms
Track and improve:
Organization security score
Third-party/vendor risk posture
Drive remediation based on:
External exposure findings
Reputation risks
Provide leadership visibility on external attack surface and risk trends
Security Awareness & Training
Design and execute security awareness programs across the organization
Lead initiatives like:
Phishing simulations (e.g., KnowBe4)
Targeted awareness campaigns
Track:
User behaviour metrics
Phishing susceptibility trends
Drive continuous improvement in human risk reduction
Governance, Compliance & Audits
Ensure compliance with Marmon IT-30 Security and Operations policies, based on current CIS standards.
Support and participate in internal and external audits and assessments to evaluate the effectiveness of the security program.
Track audit findings and drive remediation efforts to closure.
Ensure alignment with applicable regulatory and industry standards, including but not limited to PCI-DSS, ISO 27001, NIST, GDPR, CCPA, and other regional security and privacy regulations as applicable.
Zero Trust & Security Architecture
Lead and support the design and implementation of Zero Trust security principles, including:
Identity and access controls
Network segmentation
Device and user trust validation
Continuous monitoring and verification
Reporting & Metrics
Develop and deliver clear, executive-level security reports and dashboards for the Group Senior Director of Information Technology.
Report on:
Vulnerability trends, risk posture, phishing and awareness metrics, compliance status, and remediation progress.
Required Qualifications
Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field (or equivalent experience).
8+ years of experience in cybersecurity, information security, or risk management.
Demonstrated experience leading or mentoring security professionals.
Hands-on experience with:
Vulnerability management platforms (e.g., Qualys)
Security ratings services (e.g., BitSight)
Security awareness platforms (e.g., KnowBe4)
Strong understanding of security frameworks and regulatory requirements (CIS, NIST, ISO 27001, PCI-DSS, GDPR, CCPA).
Strong expertise in:
EDR/XDR (Defender / SentinelOne / CrowdStrike)
Vulnerability Management (Qualys / Nessus)
Patch Management tools (SCCM, Intune, etc.)
Experience with:
BitSight or similar security rating platforms
Security awareness tools (KnowBe4 or equivalent)
Act as L3/L4 escalation for security incidents
Lead:
Incident response coordination
Root cause analysis
Long-term remediation
Integrate endpoint security tools with SIEM/SOAR platforms
Preferred Qualifications
Industry certifications such as: CISSP, CISM, CRISC, or equivalent.
Experience supporting manufacturing or industrial environments.
Practical experience designing or implementing Zero Trust architectures.
Strong communication skills with the ability to translate technical risk into business impact.
Key Competencies
Security leadership and governance.
Risk assessment and mitigation.
Regulatory compliance and audit support.
Cross-functional collaboration.
Executive-level reporting and communication.
Strategic and analytical thinking.
Following receipt of a conditional offer of employment, candidates will be required to complete additional job-related screening processes as permitted or required by applicable law.