Senior Vice President, Cyber Security

Our Company

Oaktree is a leader among global investment managers specializing in alternative investments, with more than $202 billion in assets under management as of March 31, 2025. The firm emphasizes an opportunistic, value-oriented, and risk-controlled approach to investments in distressed debt, corporate debt (including high yield debt and senior loans), control investing, convertible securities, real estate, and listed equities. Headquartered in Los Angeles, the firm has over 1,000 employees and offices in 20 cities worldwide. The firm seeks to deliver superior investment results while maintaining a strong culture of risk management, innovation, and operational excellence. For more information, visit: www.oaktreecapital.com

Oaktree is seeking a highly technical and experienced leader for the role of SVP, Head of Cybersecurity and Security Engineering. This executive will report directly to the Chief Information Security Officer (CISO) and be responsible for leading the design, implementation, and operationalization of Oaktree's technical security controls and architecture across global infrastructure, cloud environments, and applications. This position is ideal for an experienced security leader who combines strategic technical vision with deep hands-on expertise and the ability to lead technical teams.

The SVP, Head of Cybersecurity and Security Engineering will drive security automation, embed security into development and operations processes, and serve as a key technical escalation point for complex security challenges and incidents. The role is critical to ensuring Oaktree's defenses are robust, adaptable to evolving threats, and integrated seamlessly into the technology landscape. This leader will manage technical security teams and collaborate extensively with IT infrastructure, application development, and business units to maintain a strong, proactive security posture.

Responsibilities

• Security Architecture and Design Leadership:

• Lead the development and continuous improvement of the overall security architecture for networks, systems, cloud, and applications.

• Design secure reference architectures for new technologies and review IT projects for security impacts.

• Drive strategic initiatives like implementing Zero Trust Architecture principles across identities, network, endpoint, and applications. Define security standards and guidelines.

• Security Engineering and Implementation:

• Oversee the deployment, configuration, and maintenance of security technologies and tools, ensuring they are properly integrated and function smoothly.

• Lead security automation efforts using scripting languages (e.g., Python, PowerShell, Bash) and tools to enhance detection, response, and operational efficiency.

• Ensure security hardening and timely application of patches in collaboration with IT teams.

• Technical Security Operations Guidance:

• Guide the tuning and optimization of technical security controls and monitoring platforms (SIEM, EDR, XDR) to enhance threat detection capabilities.

• Act as a senior technical escalation point for security incidents and provide strategic guidance during incident response activities, collaborating with the SOC and IR teams.

• Vulnerability Management and Offensive Security:

• Oversee the vulnerability management lifecycle, from discovery and prioritization to remediation and verification.

• Coordinate or lead proactive security testing efforts including penetration testing, red team exercises, and ethical hacking activities to identify vulnerabilities and strengthen defenses.

• Develop and refine threat hunting hypotheses based on threat intelligence and attacker tactics, techniques, and procedures (TTPs), and conduct continuous threat hunting activities.

• Application Security and DevSecOps Integration:

• Ensure internally developed and externally procured applications are secure by integrating security throughout the Software Development Lifecycle (SDLC).

• Embed security into CI/CD pipelines using DevSecOps methodologies and tools (SAST, DAST, SCA).

• Guide secure coding practices, coordinate threat modeling, and ensure security is included in code reviews.

• Identity and Access Management (Technical Focus):

• Guide the technical implementation and management of enterprise authentication systems (SSO, MFA) and Privileged Access Management (PAM) solutions.

• Define and maintain technical configurations for roles and groups that enforce least privilege access.

• Team Leadership and Management:

• Build, mentor, and lead high-performing technical cybersecurity teams covering areas such as security architecture, engineering, and technical operations.

• Cultivate a culture of technical excellence, continuous learning, and hands-on problem-solving within the team.

• Cross-Functional Collaboration:

• Collaborate closely with Tech Infrastructure and Operations teams, application development teams, business units, and other stakeholders to embed security controls, align technical strategies, and support business objectives.

• Emerging Technology and Threat Awareness:

• Stay abreast of global trends, threat intelligence, and emerging security technologies, including developments in AI threats and corresponding defenses.

• Ensure indicators of compromise (IOCs) and threat insights are integrated into defensive tools and practices.

• Metrics and Reporting:

• Develop and monitor technical cybersecurity metrics and dashboards to evaluate the effectiveness of security controls and operations.

• Provide technical input for reporting on cyber risks and posture to leadership.

• Policy and Standards Contribution:

• Contribute to the development, maintenance, and enforcement of organizational cybersecurity policies, standards, and procedures from a technical perspective.

• Resilience Support:

• Contribute to the technical design and implementation of disaster recovery (DR) and high availability solutions for critical systems.

Qualifications

• Minimum of 10+ years of progressive experience in cybersecurity, with a significant focus on hands-on security engineering, architecture, and technical leadership roles. At least 5 years of demonstrable hands-on engineering experience is highly preferred.
• Deep technical expertise across Security Architecture, Cloud Security (Azure, AWS), Zero Trust principles, DevSecOps, Threat Detection and Response, Vulnerability Management, Penetration Testing, Red/Blue Teaming, Identity and Access Management (IAM), and Data Security.
• Proficiency in scripting for automation (Python, PowerShell, Bash).
• Hands-on experience with security tools such as firewalls, SIEM, XDR, EDR, vulnerability scanners, and offensive security tools (e.g., Metasploit, Cobalt Strike, Empire, Kali Linux, BloodHound).
• Strong working knowledge of security standards and frameworks including NIST Cybersecurity Framework (CSF), ISO 27001, CIS Controls, MITRE ATT&CK.
• Experience integrating security controls into modern DevOps/DevSecOps environments, including Infrastructure-as-Code (IaC) and secure cloud configurations (Terraform, Azure Policy, AWS Config).
• Proven experience leading technical security teams.
• Ability to translate complex technical risks into terms understood by both technical and business stakeholders.
• Strong analytical mindset and the ability to think critically and act decisively in high-pressure situations, particularly during technical incidents.
• Excellent verbal, written, and interpersonal communication skills, with executive presence and the ability to build influence across technical and business teams.

Personal Attributes

• Technically curious and self-motivated with a passion for continuous learning and staying ahead of the threat landscape.
• Excels under pressure and with time constraints in complex, fast-paced environments.
• High integrity with strong professional and personal ethics, particularly when handling highly confidential information.
• Pragmatic problem-solver who balances stringent security requirements with business enablement and operational needs.
• Team-oriented with strong collaboration skills, able to bridge silos and foster teamwork across departments.
• Outstanding organizational skills with high attention to detail.
• Demonstrated ability to lead by doing, providing hands-on technical guidance and contributing directly to technical solutions.

Education

A Bachelor's degree is required.

Base Salary Range

$200,000 - $225,000

In addition to a competitive base salary, you will be eligible to receive discretionary bonus incentives, a comprehensive benefits package and a flexible work arrangement. The base salary offered will be commensurate with experience and/or qualifications, industry knowledge and expertise, as well as prior training and education.

Equal Opportunity Employment Policy

Oaktree is committed to diversity and to equal opportunity employment. Oaktree does not make employment decisions on the basis of race, creed, color, ethnicity, national origin, citizenship, religion, sex, sexual orientation, gender identity, gender expression, age, past or present physical or mental disability, HIV status, medical condition as defined by state law (genetic characteristics or cancer), pregnancy, childbirth and related medical conditions, veteran status, military service, marital status, familial status, genetic information, domestic violence victim status or any other classification protected by applicable federal, state and local laws and ordinances. This policy applies to hiring, placement, internal promotions, training, opportunities for advancement, recruitment advertising, transfers, demotions, layoffs, terminations, recruitment advertising, rates of pay and other forms of compensation and all other terms, conditions and privileges of employment. This policy applies to all Oaktree applicants, employees, clients, and contractors. Staff members wishing to report violations or suspected violations of this policy should contact the head of their department or Human Resources.

For positions based in Los Angeles

For those applying for a position in the city of Los Angeles, the firm will consider for employment qualified applicants with a criminal history in a manner consistent with applicable federal, state and local law.