Principal - Information Security Engineering

About The Position

Requirements

• 10+ years of experience in information security engineering or architecture
• Deep hands‑on experience across multiple domains: Identity, network, cloud, endpoint, SIEM/SOAR, and data protection
• Strong understanding of security controls in Manufacturing and OT/ICS environments
• Experience implementing controls in hybrid and legacy‑heavy environments.
• Proven ability to drive security engineering initiatives from design through operationalization.
• Identity & access management (MFA, SSO, PAM, RBAC).
• Network security and segmentation.
• Cloud security architecture and controls.
• SIEM/SOAR and detection engineering.
• Data protection, DLP, and data classification.
• Endpoint and exposure management.
• OT/ICS security concepts and constraints.
• Zero Trust principles.
• Outcome‑oriented and execution‑focused.
• Comfortable operating in ambiguity and complex environments.
• Strong prioritization and problem‑solving skills.
• Able to balance security requirements with operational realities.
• Strong cross‑functional communication and stakeholder management.

Nice To Haves

• Typically requires a minimum of 15 years of related experience with a Bachelor’s degree; or 12 years and a Master’s degree; or a PhD with 8 years of experience; or equivalent experience.
• Experience in high‑tech manufacturing or industrial environments.
• Experience with Microsoft security stack (e.g., Sentinel, Entra, Purview).
• Experience with Palo Alto, CrowdStrike, and modern identity platforms.
• CISSP, CISM, GIAC, or equivalent certifications.
• Experience with AI/GenAI security controls and governance frameworks.

Responsibilities

• Own and enhance identity security capabilities across IT, cloud, and OT environments.
• Optimize and harden enterprise identity controls (MFA, SSO, PAM, Service Account Management).
• Define and enforce least privilege, RBAC, and identity governance standards.
• Extend identity controls into manufacturing and OT environments using practical and scalable approaches.
• Define and evolve network security and containment strategies.
• Design and validate enterprise‑scale containment strategies and zero‑trust access patterns.
• Drive engineering decisions across firewall platforms, network access, PKI, and certificate management.
• Improve containment effectiveness and reduce lateral movement risk across environments.
• Evolve and govern cloud security guardrails and control patterns.
• Act as the design authority, driving the technical maturity of security platforms to ensure high‑fidelity alerting and automated remediation.
• Partner with infrastructure and application teams to ensure secure deployment standards.
• Lead implementation and expansion of data protection and DLP capabilities.
• Partner with business and engineering teams to identify Crown jewel data, critical data flows and exposure pathways.
• Support AI governance and security controls, including AI traffic visibility, access control, monitoring, and guardrails.
• Align controls to emerging industry practices for AI and GenAI security.
• Provide security design oversight for manufacturing environments, partnering with factory IT engineers to adapt IT standards (such as identity and segmentation) to factory‑floor realities.
• Define practical security controls for legacy systems, remote access, and vendor connectivity.
• Improve OT visibility, monitoring, and containment capabilities.
• Partner directly with factory engineering and operations leadership.
• Evaluate and improve the effectiveness of detection and response.
• Drive the transition from vulnerability volume management to continuous exposure management.
• Lead complex, cross‑functional security engineering initiatives.
• Translate security strategy into scalable, operational solutions.
• Drive measurable outcomes—not just technology deployment.
• Establish repeatable engineering patterns and processes.
• Influence technical decisions and prioritization across teams.

Benefits

• eligibility to participate in discretionary bonus program
• medical, dental, vision, and life insurance
• short- and long-term disability
• 401(k)
• employee stock purchase plan
• health savings account
• dependent care, and healthcare spending accounts
• paid time off
• 12 holidays
• flexible time off provided pursuant to Seagate policy
• a minimum of 48 hours of paid sick leave
• 16 weeks of paid parental leave