Principal Cybersecurity Engineer

About The Position

Requirements

• Bachelor's or advanced degree in Cybersecurity, Information Technology, or a closely related discipline.
• 8+ years of hands-on cybersecurity engineering experience, emphasizing cloud environments, incident detection/response, and network defense.
• Demonstrable mastery of cybersecurity frameworks, risk management processes, and regulatory compliance.
• Strong communication and leadership capabilities, including the ability to explain complex security topics to non-technical audiences.
• Track record of thriving in ambiguous settings through critical thinking, rapid adaptation, and commitment to ongoing learning.

Nice To Haves

• Active security certifications (e.g., CISSP, CSSP, or equivalent)
• Technical certifications in cloud platforms (e.g., AWS, Azure, Microsoft 365)
• Hands-on experience with SDLC processes and supporting technologies
• Demonstrated expertise in deploying and securing AI-driven solutions

Responsibilities

• Implement and manage projects associated with a comprehensive cybersecurity strategy that is aligned with business objectives.
• Lead and mentor a small team of cybersecurity professionals, fostering a culture of continuous learning and improvement while ensuring the effective and efficient operation of security programs.
• Collaborate with technology leadership and engineering teams to integrate cybersecurity measures, risk management, and business continuity plans into cloud operations.
• Keep up with emerging cyber threats and technology trends to proactively adapt security strategies.
• Manage security tool budgets and vendor relationships.
• Define and report on key security metrics to leadership.
• Lead security engineering initiatives, including architecture reviews and secure design practices.
• Oversee penetration testing, vulnerability management, and adversary emulation activities to validate defenses.
• Direct anomaly and threat detection activities to proactively detect and neutralize advanced threats.
• Collaborate with infrastructure and cloud teams to embed security into core technology processes.
• Manage alert escalations and execute the incident response plan as required, ensuring the organization is protected and can recover from cybersecurity incidents.
• Serve as escalation point for critical incidents, including after-hours response.
• Investigate and resolve incident response efforts, identify root causes and remediation actions to minimize the impact and reoccurrence of security incidents.
• Oversee the design and implementation of robust security architectures, including the detection/alerting ecosystem, endpoint security policies, and cloud-native automation.
• Evaluate and recommend security technologies, tools, and methodologies to enhance the organization's security posture.
• Ensure compliance with relevant cybersecurity regulations and standards.
• Develop the cybersecurity governance strategy for efficient and sustainable compliance audit activities.
• Consult with legal and compliance teams to address cybersecurity-related regulatory requirements.