OneMain Financial - posted 3 months ago
Full-time • Senior
Baltimore, MD
5,001-10,000 employees

The Principal Cybersecurity Engineer is ideally based in Baltimore, MD. Candidates may also be considered in Irving TX, Evansville IN, and Fort Mill SC.

The Principal Cybersecurity Engineer will be responsible for designing, documenting, and reviewing the implementation of security controls across on-premises and cloud environments. The Principal Cybersecurity Engineer will collaborate across several business and technology organizations to provide technical guidance to ensure alignment with regulatory and organizational standards. The Principal Cybersecurity Engineer will create conceptual and technical design artifacts with emphasis on long-term technology planning, risk reduction, and regulatory compliance. The Principal Cybersecurity Engineer will also evaluate enterprise IT designs for their alignment with the enterprise security architecture and NIST 800-53 controls.

The Principal Cybersecurity Engineer has a demonstrated mastery in multiple security and non-security technology platforms, with the ability to both lead and advise on the overall designs and strategies of both security and non-security technologies. Along with security platform mastery in more than one platform area (IDS/IPS, firewall/WAF, access and identity, malware defense, threat modeling, exposure management, among others), the Principal Cybersecurity Engineer is formally trained in enterprise IT design and architecture practices.

Collaborate with and mentor enterprise architects in security best practices, fostering a collaborative and high-performance work environment. Prepare architectural designs and strategies for key security investments as required. Provide subject matter expertise in the evaluation of enterprise security technology platforms and products. Maintain and update the enterprise security architecture and relevant cybersecurity standards. Collaborate with stakeholders to perform tool rationalization, capability mapping, and gap analysis. Collaborate with stakeholders to gather requirements and develop comprehensive security solutions that meet business needs. Review and evaluate solution designs and deployments for proper security capability implementation. Ensure inclusion of security standards and alignment with technical and reference architectures. Manage, develop, and collaborate on threat models to identify and assess potential security risks within the organization's systems and applications. Ensure threat models are regularly updated and integrated into the solution design process to enhance proactive risk management. Develop and implement metrics to measure the effectiveness, efficiency, coverage, and maturity of the enterprise security architecture and the security architecture processes.

  • Design, document, and review the implementation of security controls across on-premises and cloud environments.
  • Collaborate across business and technology organizations to provide technical guidance.
  • Create conceptual and technical design artifacts with emphasis on long-term technology planning.
  • Evaluate enterprise IT designs for alignment with enterprise security architecture and NIST 800-53 controls.
  • Lead and advise on overall designs and strategies of security and non-security technologies.
  • Mentor enterprise architects in security best practices.
  • Prepare architectural designs and strategies for key security investments.
  • Provide subject matter expertise in evaluating enterprise security technology platforms.
  • Maintain and update the enterprise security architecture and cybersecurity standards.
  • Perform tool rationalization, capability mapping, and gap analysis.
  • Gather requirements and develop comprehensive security solutions.
  • Review and evaluate solution designs and deployments for security capability implementation.
  • Manage and develop threat models to identify and assess potential security risks.
  • Develop and implement metrics to measure the effectiveness of the enterprise security architecture.
  • Excellent verbal and written communication skills.
  • Ability to organize and facilitate planning and demonstrations.
  • Ability to track, manage, and ensure project tasks are completed in a timely manner.
  • Ability to prioritize multiple simultaneous projects.
  • Self-motivated to seek out and discover security gaps or weaknesses.
  • Deep working knowledge of NIST 800-53 controls, NIST CSF, and other industry security best practices.
  • Demonstrated knowledge of secure build and configuration standards in a highly regulated environment.
  • Formalized training in industry-standard architectural frameworks and techniques.
  • Experience designing or developing Cardholder Data Environments for PCI/DSS compliance.
  • Certified Information Systems Security Professional certification (CISSP) or equivalent.
  • Experience with Zero Trust Architecture and modern security models.
  • Familiarity with DevSecOps and infrastructure-as-code security.
  • Cloud Architecture (AWS, Azure).
  • Certified Cloud Security Professional certification (CCSP).
  • AWS Certified Security (SCS-C02).
  • Microsoft Cybersecurity Architect (SC-100).
  • Health and wellbeing options including medical, prescription, dental, vision, hearing, accident, hospital indemnity, and life insurances.
  • Up to 4% matching 401(k).
  • Employee Stock Purchase Plan (10% share discount).
  • Tuition reimbursement.
  • Paid time off (15 days’ vacation per year, plus 2 personal days).
  • Paid sick leave as determined by state or local ordinance.
  • Paid holidays (7 days per year).
  • Paid volunteer time (3 days per year).