Principal Engineer - Cyber Countermeasures

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or equivalent work experience; Master's degree preferred.
• Advanced knowledge of adversary TTPs, cyber defense operations, and detection engineering methodologies.
• Familiarity with MITRE ATT&CK, MITRE D3FEND, Cyber Kill Chain, and deception frameworks.
• 10+ years of progressive experience in cybersecurity, with at least 7 years in detection engineering, red/purple team operations, or cyber defense countermeasures.
• Demonstrated expertise in designing and implementing countermeasures to mitigate sophisticated adversary campaigns.
• Hands-on experience with SIEM, EDR, SOAR, and deception technologies (e.g., Splunk, CrowdStrike, Sentinel, Illusive, or Attivo).
• Proven ability to operationalize adversary simulation and intelligence into measurable security improvements.
• Experience in developing security automation scripts and tools (e.g., Python, PowerShell, or similar).
• Strong communication skills with the ability to present defensive strategies and technical findings to both technical teams and executive stakeholders

Nice To Haves

• GIAC Cyber Threat Intelligence (GCTI)
• GIAC Reverse Engineering Malware (GREM)
• Offensive Security Certified Professional (OSCP) or Offensive Security Experienced Penetration Tester (OSEP)
• Certified Information Systems Security Professional (CISSP) or equivalent senior-level certification a plus

Responsibilities

• Lead the design and implementation of cyber countermeasures to prevent, detect, and disrupt advanced adversary tactics, techniques, and procedures (TTPs).
• Develop and optimize detection engineering use cases, correlation rules, and behavioral analytics across SIEM, EDR, SOAR, and cloud platforms.
• Partner with threat intelligence and red team functions to emulate adversary tradecraft and convert insights into actionable countermeasures.
• Lead efforts to integrate deception technologies, honeypots, and adversary engagement strategies into enterprise defenses.
• Collaborate with SOC, incident response, and vulnerability management teams to ensure countermeasures are actionable, tested, and continuously improved.
• Engineer security automation and orchestration workflows to accelerate incident detection and response.
• Act as a technical escalation point during major incidents where adversary countermeasures must be deployed in real-time.
• Monitor industry research, emerging threats, and evolving attacker techniques to ensure defenses remain ahead of adversary capabilities.
• Mentor SOC engineers, detection engineers, and other cyber defense staff in adversary disruption tradecraft.
• Provide input to executive leadership on countermeasure effectiveness, defensive gaps, and future-state strategies.

Benefits

• We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day.
• In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness.
• This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave.
• To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more.