About this role
Founded in 1988, Trimont (www.trimont.com) is a specialized global commercial real estate loan services provider and partner for lenders and investors seeking the infrastructure and capabilities needed to help them scale their business and make informed, effective decisions related to the deployment, management and administration of commercial real estate secured credit. As the largest master servicer of commercial real estate loans in the United States, Trimont manages securitizations with meticulous oversight and coordination—protecting cash flows, mitigating risk, and ensuring portfolio performance.
We do this with a team of 1100+ extraordinary team members who serve a global client base from offices in Atlanta (headquarters), Bengaluru, Charlotte, Dallas, Hyderabad, Kansas City, London, New York and Sydney. We empower our people with advanced technology, industry-leading knowledge, and a culture centered on our core values. This approach enables our teams to deliver exceptional client service, build lasting relationships and take pride in the high-quality work they perform.
Trimont is an innovative firm where visionary professionals come to learn, grow, and thrive with colleagues driven by curiosity and collaboration.
Learn: We believe ongoing learning is critical and are focused on providing a work environment where all team members can take ownership of their careers.
Grow: We work alongside the largest institutional lenders in the world, overseeing the most significant projects in the industry. This unique opportunity allows us to broaden our skillset and develop our abilities by tackling some of the industry's most challenging and exciting endeavors.
Thrive: Our firm is a place where ethics and excellence meet to create an experience that matches our capabilities. There are no limits to what we as team members and as an organization, can achieve together.
Where people, purpose, and progress come together every day.
Job Summary:
The Managing Director, Security Principal is Trimont's senior technical leader for security. Reporting to the Chief Security Officer (CSO), this role owns the technical depth behind the security program: architecting solutions, evaluating vendor technology, and building custom tooling, including AI-assisted and agentic automation, where commercial products fall short.
This is a hands-on engineering and architecture role with no direct reports. The Security Principal partners closely with the CSO, Chief Technology Officer (CTO), the Security Operations Center as a Service (SOCaaS) provider, and internal engineering teams to translate strategy into working, defensible systems.
Responsibilities:
• Serve as the senior technical authority for Trimont's security program, setting architecture standards and technical direction across identity, network, cloud, application, and data security domains.
• Lead build vs. buy decisions by evaluating vendor solutions and designing/building custom integrations or platforms where commercial products do not meet requirements.
• Design, build, and operate AI-assisted and agentic automation for security operations, including alert triage, vulnerability management, and compliance evidence collection, with appropriate human oversight.
• Own technical architecture and integration strategy for core security platforms (SIEM, IAM/SSO/MFA, DLP, EDR, vulnerability management).
• Architect and scale secure software development lifecycle (SDLC) practices by integrating automated security controls into DevOps pipelines.
• Act as a senior technical escalation point during security incidents, partnering with SOCaaS and internal teams for detection, investigation, and response.
• Lead enterprise vulnerability management, including scanning architecture, penetration test scoping, remediation validation, and prioritization.
• Embed security requirements early by conducting architecture and design reviews for major technology initiatives.
• Prototype and evaluate emerging technologies (e.g., agentic AI, blockchain security, zero trust), providing recommendations based on hands-on testing.
• Contribute hands-on engineering work (code, scripts, playbooks, automation) in addition to technical review and guidance.
• Mentor and upskill security and engineering teams as a technical leader and force multiplier, without direct management responsibilities.
• Represent Trimont's technical security posture in client, auditor, and regulator engagements as directed by the CSO.
Required Qualifications:
• Bachelor's degree in computer science, information security, or related field; equivalent hands-on experience considered.
• 15+ years in security engineering, architecture, or offensive security, with progression to Staff/Principal-level individual contributor.
• Deep, hands-on technical proficiency in at least three of: application security/secure SDLC, cloud security architecture (AWS/Azure/GCP), IAM engineering, network/perimeter security, SIEM/SOAR engineering, or offensive security.
• Demonstrated experience building automation or tooling (custom integrations, scripts, orchestration) across security platforms.
• Practical experience building AI-assisted or agentic automation (e.g., orchestration frameworks, tool-calling agents, LLM API integration).
• At least one hands-on technical certification (e.g., OSCP, OSCE, GPEN, GCIH, GXPN, AWS/Azure security certification).
• Working knowledge of regulatory and control frameworks relevant to financial services (NIST, ISO 27001, GLBA, GDPR, CCPA) to engineer compliant controls.
• Strong written and verbal communication skills for technical and executive audiences.
Preferred Qualifications:
• CISSP, CISM, or CISA certifications (for cross-functional credibility with governance stakeholders).
• Experience in financial services, commercial real estate, or other highly regulated industries.
• Proven development experience
Trimont is an equal opportunity employer, and we're proud to support and celebrate diversity in the workplace. If you have a disability and need an accommodation or assistance with the application process and/or using our website, please contact us. We are proud to maintain a drug-free policy, ensuring that our community is a secure and productive space for all our team members.