Principal Information Security Engineer

About The Position

Requirements

• 12+ years of experience in cybersecurity, security operations, or information security engineering
• Hands-on experience with Splunk Enterprise for SIEM, log management, and detection engineering
• Proficiency with CrowdStrike for endpoint detection, response, and threat hunting
• Experience using Wiz or similar CSPM tools for cloud security visibility and risk remediation
• Hands-on experience with Netskope or similar CASB/SSE platforms for data loss prevention, shadow IT, and secure web access
• Strong background in incident response, including investigation, containment, and root cause analysis
• Experience with vulnerability management programs and remediation workflows
• Solid understanding of network security, cloud security (AWS/GCP/Azure), and identity and access management
• Experience supporting or operating within SOC 2 and PCI compliance environments
• Ability to partner effectively with engineering and infrastructure teams to drive security outcomes
• Strong risk assessment, prioritization, and communication skills

Nice To Haves

• Experience performing third-party vendor security assessments
• Familiarity with cloud-native architectures and container security
• Prior experience in fintech, regulated industries, or environments handling sensitive customer data
• Experience with threat intelligence platforms and integrating feeds into detection workflows
• Security certifications such as CISSP, CISM, GCIA, GCIH, GCED, or equivalent experience

Responsibilities

• Own end-to-end cybersecurity operations, including threat detection, incident response, and vulnerability management across all Self products and infrastructure
• Build, tune, and maintain detection content in Splunk Enterprise (SIEM) to identify threats, anomalies, and policy violations
• Operate and optimize CrowdStrike for endpoint detection and response (EDR), including alert triage, threat hunting, and containment
• Manage cloud security posture using Wiz, including misconfiguration identification, risk prioritization, and remediation tracking
• Administer and optimize Netskope for CASB and secure web gateway (SWG) functions, including DLP policy enforcement, shadow IT visibility, and web threat protection
• Design, manage, and optimize Next-Generation Firewalls (NGFW) and cloud native networking to enforce zero-trust principles and secure perimeter defenses
• Lead incident response efforts - from detection through containment, eradication, and post-incident review
• Conduct proactive threat hunting across endpoint, network, and cloud environments
• Partner with engineering and infrastructure teams to remediate critical security findings and reduce attack surface
• Lead and perform third-party vendor security reviews and risk assessments
• Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
• Identify security risks across the environment and recommend mitigation strategies
• Monitor emerging cybersecurity threats and translate them into actionable detection and prevention controls

Benefits

• Company equity in the form of Stock Options
• Performance-based bonuses
• Generous employer-paid health, vision and dental insurance coverage
• Flexible vacation policy
• Educational assistance
• Free gym membership
• Casual dress code
• Team building events and activities
• Remote work arrangements/ flexible work schedule
• Paid parental leave