Cybersecurity Engineering Service Lead

Job Description:

We’re actively seeking a talented Cybersecurity Engineering Service Lead to join the Engineering department within our Operational Risk and Resilience (OR&R) team. In this role, you’ll play a key part in identifying, assessing, and communicating cyber, IT, and third‑party risks to support effective enterprise risk management. As the Service Lead, you’ll define service strategy and guide execution of the Engineering service’s capabilities across the enterprise. These capabilities include:

• Threat Modelling and Security Reviews - Validate secure design, implementation, and continuous operation across applications, platforms, and services.
• Application Security and Configuration Management Oversight - Partner with 1LOD stakeholders to create transparency and drive accountability to policies, standards, and controls.
• Security Consulting and Engineering Support - Provide targeted consulting and engineering support to meet OR&R department needs.

The OR&R team operates primarily as a second line of defense (2LOD), providing independent check and challenge to first‑line technical teams across the enterprise. We provide oversight through validation of controls to help ensure risks are identified early, appropriately assessed, and effectively managed.

This role will be located in our Newport Beach, California office and is classified as hybrid, working four days per week on‑site and one day remote.

How you’ll help move us forward:

• Drive a secure‑by‑design approach across the enterprise by embedding Engineering oversight into organizational processes for new projects, purchases, and changes, ensuring security and risk considerations are addressed early and consistently.
• Continuously assess technologies for alignment with defined policies, standards, procedures, and controls, driving remediation, risk acceptance, or escalation where gaps and emerging risks are identified.
• Identify and drive improvement initiatives within the Engineering service that strengthen effectiveness, consistency, and scalability.
• Stay apprised of risk issues across Cyber, IT, and Third‑Party domains, analyzing where earlier Engineering engagement could have improved risk identification, mitigation, or acceptance, and incorporating those learnings into future processes.
• Identify issues and opportunities within the broader OR&R organization where the Engineering service can deliver solutions, including product implementation, automation, or the application of emerging technologies such as generative AI.
• Provide second‑line oversight of first‑line (1LOD) technical functions, primarily Application Security and Configuration Management, to ensure activities are aligned with established policies, standards, procedures, and controls, and to build confidence in the consistency and quality of execution.
• Define service strategy, establish roadmaps, and create transparency into team performance, risks, and successes through meaningful metrics, reporting, and stakeholder communications.

The experience you bring:

• 8+ years of experience in security engineering, risk management, or a related technical discipline within a large enterprise environment.
• Experience designing, building, and deploying scalable enterprise solutions while balancing risk, velocity, and stakeholder expectations.
• Demonstrated experience assessing the security of products, projects, or technology implementations, including identifying control gaps, design weaknesses, and areas of elevated risk.
• Strong process improvement experience, with the ability to break complex processes into component parts, identify inefficiencies or failure points, and drive continual improvement.
• Experience partnering effectively across technical and non‑technical teams, balancing collaboration with independent challenge to ensure alignment with established policies, standards, procedures, and controls.

What makes you stand out:

• Experience driving or supporting secure‑by‑design initiatives, embedding security and risk considerations into early stages of product development and technology adoption.
• Application Security and/or Configuration Management experience.
• Experience integrating security into the software development lifecycle (SDLC).
• Experience operating in a second line of defense (2LOD) role, providing independent oversight of first line technical teams while maintaining strong partnerships and accountability.
• Risk management experience aligned with frameworks such as NIST Cybersecurity Framework, COBIT 2019, and the NIST Privacy Framework.

• Previous leadership experience as a senior individual contributor, acting lead, or mentor/coach, providing guidance, influence, and direction without formal people management responsibilities.

• Strong interpersonal skills with the ability to establish relationships, build trust, and influence outcomes across teams to drive alignment with department and enterprise goals.
• Experience working in a global organization, partnering with stakeholders across multiple time zones.

Desired behaviors:

• Drives change by identifying opportunities and taking ownership of improvements.
• Solution‑oriented, focusing on practical and scalable outcomes.
• Executes quickly while maintaining appropriate rigor and risk awareness.
• Embraces change and adapts effectively in a dynamic environment.

Base Pay Range:

The base pay range noted represents the company’s good faith minimum and maximum range for this role at the time of posting. The actual compensation offered to a candidate will be dependent upon several factors, including but not limited to experience, qualifications and geographic location. Also, most employees are eligible for additional incentive pay.

$137,610.00 - $168,190.00

Your Benefits Start Day 1  
 

Your wellbeing is important to Pacific Life, and we’re committed to providing you with flexible benefits that you can tailor to meet your needs. Whether you are focusing on your physical, financial, emotional, or social wellbeing, we’ve got you covered.

• Prioritization of your health and well-being including Medical, Dental, Vision, and Wellbeing Reimbursement Account that can be used on yourself or your eligible dependents

• Generous paid time off options including: Paid Time Off, Holiday Schedules, and Financial Planning Time Off

• Paid Parental Leave as well as an Adoption Assistance Program

• Competitive 401k savings plan with company match and an additional contribution regardless of participation

You Can Be Who You Are

We are committed to a culture of diversity and inclusion that embraces the authenticity of all employees, partners and communities. We support all employees to thrive and achieve their fullest potential.

What’s life like at Pacific Life? Visit Instagram.com/lifeatpacificlife

EEO Statement:

Pacific Life Insurance Company is an Equal Opportunity /Affirmative Action Employer, M/F/D/V. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact a Human Resources Representative at Pacific Life Insurance Company.