Senior Security Technical Lead

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Are you passionate about protecting companies from cyber threats? Do you want to be part of a team that safeguards the digital assets of cutting-edge organizations? Look no further - Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Technical Specialists.

As a Cybersecurity Specialist, you will be at the forefront of protecting Kyndryl's customers' computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. You will use a variety of tools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches.

• Deploy and configure security technologies such as SIEM (e.g., Microsoft Sentinel, Intune, Palo Alto), EDR, SOAR, and vulnerability management tools.
• Lead or support migration projects (e.g., Splunk to Sentinel) and ensure minimal disruption to client operations

• Collaborate with SOC teams to enhance detection and response capabilities.
• Provide L3 support for escalated security incidents and coordinate with global teams for resolution

• Conduct security maturity assessments, threat intelligence reviews, and vulnerability assessments
• Recommend and implement hardening measures across endpoints, networks, and cloud environments.

• Maintain detailed documentation of configurations, procedures, and incident reports.
• Ensure compliance with internal standards and external regulatory requirements.

• Work with cross-functional teams including architects, delivery managers, and client stakeholders.
• Mentor junior engineers and contribute to knowledge-sharing initiatives.

• Oversee the planning, execution, and governance of cybersecurity projects, ensuring alignment with client expectations, contractual obligations, and Kyndryl's delivery standards.

• Serve as the primary delivery interface for clients, building trusted relationships and ensuring transparency, responsiveness, and satisfaction throughout the engagement lifecycle.

• Lead and mentor delivery teams, including security architects, engineers, and consultants. Ensure appropriate skills and technical alignment within the team. Delivery lead have to post hands-on experience.

• Ensure compliance with internal and external security policies, frameworks (e.g., NIST, ISO 27001), and regulatory requirements. Drive continuous improvement in delivery quality and risk mitigation.

• Collaborate with the Cybersecurity Incident Response Team (CSIRT) to manage and report incidents, ensuring timely escalation and adherence to Kyndryl's structured response protocols

• Conduct delivery reviews, track KPIs, and ensure that all deliverables meet quality standards and client expectations.

• Contribute to the development of Kyndryl's cybersecurity offerings, delivery models, and best practices. Represent Kyndryl in client workshops, industry forums, and internal guilds

• 7+ years of experience in a Cybersecurity field
• 6+ years in consulting, architect, leadership, deployment and implementation
• Expertise in network routing and switching, network troubleshooting, engineering and infrastructure, load balancing, and virtual private networks
• Proficiency in cloud computing and security architecture, hybrid and multi-cloud computing, and various cloud-based systems and services
• Familiar with vulnerability scanning, application security, penetration testing, encryption, threat modeling, identity and access management, and secure coding
• Good knowledge of cyber security, incident response, security operations, vulnerability management, IT security architecture, risk management, cyber threat hunting, and cyber security standards

• Network Security: Understanding of firewalls, VPNs, intrusion detection/prevention systems, network segmentation, and protocols like TCP/IP.
• Cloud Security: Knowledge of securing cloud platforms (AWS, Azure, etc.), cloud-based development, and cloud security architecture.
• Application Security: Understanding of secure coding practices, application security vulnerabilities (like OWASP Top 10), and web application firewalls.
• Operating Systems: Familiarity with Windows, Linux, and MacOS, including security configurations and best practices.
• Cryptography: Knowledge of encryption algorithms and protocols.
• Security Frameworks and Standards: Understanding of frameworks like NIST, ISO 27001, and GDPR.
• Identity and Access Management (IAM): Understanding of how to manage user access and permissions securely.
• Database Security: Knowledge of securing databases and managing data access.
• Threat Modeling: Ability to identify potential threats and vulnerabilities.

• Risk Assessment: Ability to assess and mitigate security risks.
• Vulnerability Management: Identifying, assessing, and addressing vulnerabilities in systems and applications.
• Incident Response: Understanding how to respond to security incidents and minimize their impact.
• Troubleshooting: Identifying and resolving security-related issues.

• Communication: Ability to communicate technical information clearly to both technical and non-technical audiences.
• Leadership: Ability to lead and mentor teams, and guide others in security best practices.
• Problem-Solving: Ability to identify and resolve complex security challenges.
• Project Management: Ability to manage multiple security projects and initiatives.
• Organization and Prioritization: Ability to organize and prioritize tasks in a fast-paced environment.
• Attention to Detail: Ensuring that all security measures are implemented accurately and thoroughly.

• Security Operations Center experience
• Security tooling for Endpoint Detection and Response (EDR)
• Security Information and Event Management (SIEM)
• Anti-virus Vulnerability Management Scanning and Remediation
• Technical architecture skills
• Experience Advising C suite
• Familiarity with DevSecOps practices and methodologies, and experience integrating security into agile development processes
• Familiarity with emerging security technologies and trends, such as artificial intelligence/machine learning in security, zero trust architecture, or secure remote access solutions
• Proven experience in delivering large-scale cybersecurity or IT infrastructure projects.
• Strong understanding of security domains such as threat protection, incident response, identity and access management, and data governance.
• Familiarity with frameworks such as NIST CSF, MITRE ATT&CK, and Zero Trust Architecture.
• Excellent stakeholder management, communication, and leadership skills.
• Experience working in regulated industries (e.g., financial services, healthcare, oil & gas, telecommunication) is a plus.
• Valid and current certification or equivalent experience in one of the following: Certified Information Systems Security Professional (Cissp), CompTIA Security+, Certified Ethical Hacker, Certified Information Security Manager (Cism), ISACA, Certified Cloud Security Professional (Ccsp), CompTIA CySA+, CompTIA PenTest+, Global Information Assurance Certification

• 10+ years of experience in IT security, with at least 5 years in a delivery leadership role.
• Experience working in a global delivery model with distributed teams.
• Ability to manage multiple concurrent engagements and adapt to dynamic client environments.