Principal Cybersecurity Engineer- Architecture

About The Position

Requirements

• Excellent verbal and written communication skills.
• Ability to organize and facilitate planning and demonstrations.
• Ability to track, manage, and ensure project tasks are completed in a timely manner.
• Ability to prioritize multiple simultaneous projects.
• Self-motivated to seek out and discover security gaps or weaknesses in existing implementations.
• Deep working knowledge of NIST 800.53 controls, NIST CSF, and other industry security best practices.
• Demonstrated knowledge of secure build and configuration standards in a highly regulated environment.
• Formalized training in industry-standard architectural frameworks and techniques (e.g., NIST, GDPR, CCPA, PCI/DSS).
• Experience designing or developing Cardholder Data Environments to ensure compliance with PCI/DSS standards.
• Certified Information Systems Security Professional certification (CISSP) or equivalent certification.
• Minimum of 8 years' experience in the Cybersecurity field
• Minimum of 8 years' experience as an engineer or enterprise IT solutions architect
• Bachelor’s Degree in Computer Science or similar field of study

Nice To Haves

• Experience with Zero Trust Architecture and modern security models
• Familiarity with DevSecOps and infrastructure-as-code security
• Cloud Architecture (AWS, Azure)
• Certified Cloud Security Professional certification (CCSP)
• AWS Certified Security (SCS-C02)
• Microsoft Cybersecurity Architect (SC-100)

Responsibilities

• Designing, documenting, and reviewing the implementation of security controls across on-premises and cloud environments.
• Collaborate across several business and technology organizations to provide technical guidance to ensure alignment with regulatory and organizational standards.
• Create conceptual and technical design artifacts with emphasis on long-term technology planning, risk reduction, and regulatory compliance.
• Evaluate enterprise IT designs for their alignment with the enterprise security architecture and NIST 800.53 controls.
• Collaborate with and mentor enterprise architects in security best practices, fostering a collaborative and high-performance work environment.
• Prepare architectural designs and strategies for key security investments as required.
• Provide subject matter expertise in the evaluation of enterprise security technology platforms and products.
• Maintain and update the enterprise security architecture and relevant cybersecurity standards.
• Collaborate with stakeholders to perform tool rationalization, capability mapping, and gap analysis.
• Collaborate with stakeholders to gather requirements and develop comprehensive security solutions that meet business needs.
• Review and evaluate solution designs and deployments for proper security capability implementation.
• Ensure inclusion of security standards and alignment with technical and reference architectures.
• Manage, develop, and collaborate on threat models to identify and assess potential security risks within the organization's systems and applications.
• Ensure threat models are regularly updated and integrated into the solution design process to enhance proactive risk management.
• Develop and implement metrics to measure the effectiveness, efficiency, coverage, and maturity of the enterprise security architecture and the security architecture processes.

Benefits

• Health and wellbeing options including medical, prescription, dental, vision, hearing, accident, hospital indemnity, and life insurances
• Up to 4% matching 401(k)
• Employee Stock Purchase Plan (10% share discount)
• Tuition reimbursement
• Paid time off (15 days’ vacation per year, plus 2 personal days, prorated based on start date)
• Paid sick leave as determined by state or local ordinance, prorated based on start date
• Paid holidays (7 days per year, based on start date)
• Paid volunteer time (3 days per year, prorated based on start date)