What You'll Do:
We’re looking for an AVP of Technology to join our Information Security team. Reporting to the CISO, you will own and lead security engineering outcomes across cloud security, AI‑enabled automation, IAM/CIAM, and enterprise data protection. In this role, you will set the strategic vision and drive execution through your teams for how the organization designs, builds, and operates secure cloud and identity‑centric platforms—reducing risk through engineered, automated controls rather than manual processes.
You will build and mature scalable security control planes across cloud, identity, and data—leveraging automation and AI to improve speed, consistency, and resilience—while enabling engineering teams to move from current‑state implementations to future‑state, secure‑by‑design architectures.
Your Day Could Look Like:
- Cloud Security Engineering & Architecture
  Cloud Security Engineering owns the strategy and security engineering outcomes for enterprise cloud security across our cloud infrastructures, including identity‑centric access controls, secure cloud architectures, workload protection, and automated policy enforcement. Delivers measurable improvements in cloud risk reduction, configuration consistency, and secure‑by‑default adoption through engineered and automated controls.
- Automation Strategy & Program Leadership
  Defines and drives the enterprise security automation and AI vision, aligning roadmap and investments to modernize cloud security, IAM/CIAM, and data protection. Accountable for reducing manual security effort and increasing control coverage and reliability through automation.
- Program, Portfolio & Budget Stewardship
  Owns a multi‑year investment roadmap and annual operating plan for security engineering (cloud security, AI/automation, IAM/CIAM, data protection). Establishes business cases and success metrics; manages budget‑to‑value; and leads prioritization trade‑offs (manual controls vs. automation, build vs. buy, tactical remediation vs. strategic platform uplift) aligned to enterprise risk appetite.
Provides strategic oversight of enterprise IAM capabilities, including IGA, CIAM, PAM, authentication modernization, and least‑privilege enforcement across cloud and on‑prem environments, strengthening identity‑centric cloud security patterns.
- Data Protection & Security Engineering
  Leads strategy and engineering execution for enterprise data protection across cloud, SaaS, and on‑prem environments, delivering improved data visibility, policy enforcement, and reduction of high‑risk exposures through automated controls.
Who You Are:
- Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field, with 15+ years of IT experience focused on security engineering and/or operations, including deep exposure to IAM/CIAM and data protection. You bring 6+ years of people leadership and 5+ years leading enterprise security initiatives, including building and leading engineering teams that deliver enterprise‑scale platforms.
- Strong enterprise leadership with the ability to lead through influence, partnership, and formal authority, communicate across technical and non‑technical stakeholders, and drive alignment and adoption for complex security programs.
- You have a strong understanding of modern cloud security engineering practices across AWS/Azure, including identity architecture, zero trust principles, and data protection controls.
- Hands‑on or strategic experience with IAM/CIAM technologies—including IGA, PAM, MFA, SSO, and directory services—and with data security platforms such as encryption, DLP, key management, and DSPM.
- Demonstrated ability to design and govern automation patterns and orchestration workflows, and to guide teams through implementation. Maintains strong technical fluency to lead architectural reviews and coach engineers—not as a day‑to‑day implementer, but as an applied technical leader.
Skills That Will Help You Stand Out
- Advanced security certifications (CISSP, CISM, SANS) are a plus, along with cloud security, IAM, or DevSecOps credentials (CCSP, AWS/Azure, CIAM, PAM certifications).
- Strong familiarity with applying AI/ML in cybersecurity, including AI-driven detection tools (UEBA, anomaly detection, AI-based threat intelligence), and experience integrating identity analytics and data security monitoring into automated response workflows.
- Experience implementing zero trust architecture principles across identity, device, network, and data layers.
- Demonstrated success modernizing IAM and data protection programs in complex, hybrid enterprise environments.
- Experience working in a financial institution.
Salary Range Information: Salary ranges below reflect targeted base salaries. Non-sales positions have the opportunity to participate in a bonus program. Sales positions are eligible for sales incentives, and in some instances a bonus plan, whereby total compensation may far exceed base salary depending on individual performance. Actual compensation for all roles will be based upon geographic location, work experience, education, licensure requirements and/or skill level and will be finalized at the time of offer.
Salary Range: $179000 - $243000 / year
Time Off Program: Flexible Time Off (FTO) is provided to salaried (exempt) employees and provides the opportunity to take time away from the office with pay for vacation, personal or short-term illness. Employees don’t accrue a bank of time off under FTO and there is no set number of days provided.
Pension Eligible: Yes
Additional Information:
Through our product-driven Agile/Lean DevOps environment, we’ve fostered a culture of innovation and experimentation across our development teams. As a customer-focused organization, we work closely with our end users and product owners to understand and rapidly respond to emerging business needs.
Collaboration is embedded into everything we do – from the products we develop to the quality service we provide. We’re driven by the belief that diversity of thought, background, and perspective is critical to creating the best products and experiences for our customers.
This role offers in-office, hybrid (blending at least three office days in a typical workweek), and remote work arrangements (only if residing more than 30 miles from Des Moines, IA, Charlotte, NC, and Raleigh, NC). You’ll work with your leader to figure out which option may align best based on several factors.
At this time, we're not considering applicants that need any type of immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States. This includes, but IS NOT LIMITED TO: F1-OPT, F1-CPT, H-1B, TN, L-1, J-1, etc. For additional information around work authorization needs please use the following links.
Nonimmigrant Workers and Green Card for Employment-Based Immigrants
For Principal Asset Management positions, you’ll need to follow an Investment Code of Ethics related to personal and business conduct as well as personal trading activities for you and members of your household. These same requirements may also apply to other positions across the organization.
At Principal, we value connecting on both a personal and professional level. Together, we’re imagining a more purpose-led future for financial services – and that starts with you. Our success depends on the unique experiences, backgrounds, and talents of our employees. And we support our employees the same way we support our customers: with comprehensive, competitive benefit offerings crafted to protect their physical, financial, and social well-being. Check out our careers site to learn more about our purpose, values and benefits.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Posting Window: We will accept applications for 3 full days following the Original Posting Date, after which the posting may remain open or be removed based upon applications received. If we choose to post the job again, we will accept additional applications for at least 1 full day following the Most Recently Posted Date. Please submit applications in a timely manner as there is no guarantee the posting will be available beyond the applicable deadline.
Date First Posted (TTF): 3/9/2026
Latest Post Date: Careers - US: 3/9/2026