Cyber Security Principal

About The Position

Requirements

• Bachelor's degree/Equivalent in computer science, information systems and/or equivalent formal training.
• Five (5+) years of experience in IT information security.
• Skills include IT security and infrastructure.
• Strong technical and consulting skills, project management capability.
• Experience with security and risk frameworks, standards and best practices.
• Strong communication skill.

Nice To Haves

• Experience designing and implementing security controls in a complex, multi-cloud environment (AWS, Azure, GCP).
• Published security research, conference talks, or open-source tool contributions.
• Advanced security certifications (e.g., OSCP, OSWE, GWAPT, CISSP).
• Experience in defining and scaling security programs (e.g., bug bounty, security champions).
• 7-10+ years of experience in technical engineering roles.
• 3-5+ years in a dedicated application, product, or offensive security leadership role.
• Expert-level proficiency in one or more programming languages (e.g., Python, Java, Go, C#).
• Deep, practical expertise in secure architecture, threat modeling, and building security automation.
• A proven track record of leading complex, cross-functional security projects and initiatives.

Responsibilities

• Implement and support technologies deployed across application, network/perimeter, data, endpoint, identity & access, and mobility domains.
• Researches attempted or successful efforts to compromise systems security and designs countermeasures.
• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
• Perform other duties as assigned.
• Drive the security strategy for your product area.
• Identify and solve broad, systemic security issues.
• Define and lead multi-team security initiatives from concept to completion.
• Lead and facilitate threat modeling for large-scale, complex systems.
• Teach and empower development teams to conduct effective threat modeling on their own and scale the practice.
• Review system architecture and design for security flaws, going beyond common vulnerabilities to identify subtle and complex issues.
• Propose and advocate for new secure design patterns and architectural standards.
• Design, build, and implement the security automation strategy for your portfolio.
• Integrate new classes of security tools, build custom automation to address unique challenges, and improve the signal-to-noise ratio of security feedback for developers.
• Actively mentor product security and development engineers on security best practices, design, and architecture.
• Act as a security subject matter expert and thought leader.
• Influence team-wide and cross-functional technical and architectural decisions to ensure security is a foundational component.

Benefits

• health, vision, and dental insurance
• retirement plans
• tuition reimbursement