Overview:
QXO is North America’s largest distributor and installer of insulation; second-largest distributor of roofing products; second-largest publicly traded distributor of lumber and building materials; and largest distributor of waterproofing products. QXO is the fastest growing company in the $800 billion building products distribution industry and plans to become the tech-enabled leader by delivering best-in-class customer satisfaction and outsized returns for its shareholders. The company is targeting $50 billion in annual revenue within the next decade through accretive acquisitions and organic growth. Visit QXO.com for more information.
What you will do::
- Define and maintain the enterprise identity reference model, including zero trust, identity governance, access lifecycle, and privileged access concepts
-
Define and maintain the enterprise application security reference model, including secure software development lifecycle, code-to-cloud, signed software bills of materials, artifact provenance, and runtime posture management
-
Partner with infrastructure leaders to embed security architecture across network, endpoint, cloud platform, and data center environments
-
Partner with engineering leaders to embed security architecture into developer pipelines, secure-by-design patterns, and continuous integration and delivery controls
-
Partner with enterprise application and data leaders to embed security architecture across ERP, business systems, third-party integrations, data classification, lineage, and access models
-
In partnership with the VP, IT Strategy & Architecture, define and maintain the security reference architecture for mergers and acquisitions integration, so acquired environments can be absorbed at speed while preserving security posture
-
Establish architectural guardrails for agentic AI across the security function and the enterprise, including scope boundaries, prompt auditing, tool permissions, AI security posture management, and model supply chain controls
-
Engineer for simplicity, standardization, and automation in every control. Automation comes before headcount — the charter is to size cybersecurity to QXO’s risk and scale.
-
Hold the line on private-by-default, zero trust, and CIS hardening via Infrastructure-as-Code. Anything that ships at QXO ships hardened.
-
Translate cybersecurity architecture into business outcomes. Tight, data-backed, no jargon unless warranted.
-
Lead by architecture, not by org chart. Influence the technical direction across IT, engineering, and external implementers without owning their headcount.
-
Anchor the program to NIST CSF 2.0. Own the architectural roadmap that drives measurable maturity gains year over year.
What you will bring::
- 12+ years in cybersecurity, with 7+ as a hands-on architect at Fortune 500 scale.
-
Authorship — not familiarity — with agentic AI and AI-SPM architecture. You have designed guardrails for AI agents in production: scope, prompt auditing, tool permissions, MCP supply chain.
-
CI/CD experience. Signed SBOMs, artifact provenance, runtime posture management, configuration drift — and you can defend the architectural choices on a whiteboard.
-
IaC-first instincts. Terraform, hardened images, private-by-default, zero trust. You have shipped the automation, not just sketched it.
-
M&A integration scars. You have absorbed acquired environments at speed without breaking the security posture. Enclave models and brokered access are second nature.
-
Deep cloud architecture across OCI, Azure, or GCP. Multi-cloud preferred.
-
A point of view on where cybersecurity is headed in the next 6–12 months. You build to where the industry is going, not where it is.
-
Bachelor’s degree in Computer Science, Information Assurance, MIS, or equivalent practical experience. Master’s preferred.
-
CISSP, CISM, or SANS GIAC
What you will earn::
To comply with Pay Transparency laws, employers must disclose an annual salary range. Actual offers depend on factors such as location, experience, skills, and market data. This position may also offer variable compensation.
Please contact
[email protected] if you have any questions related to this job posting.
QXO is an Equal Opportunity Employer. We value diversity and do not discriminate on the basis of race, color, religion, gender or sexual orientation, national origin, age, disability, or any other protected status.
Pay Range: USD $147,200.00 - USD $235,500.00 /Yr.