Principal Security Engineer - Vulnerability Management
About The Position
This role focuses on leading vulnerability management initiatives to protect critical systems and data across cloud and on-premises environments. The Principal Security Engineer will design, implement, and optimize security programs, tools, and automation workflows to proactively identify and remediate risks. You will work closely with platform, development, and security teams to enforce best practices, ensure compliance, and integrate security into CI/CD pipelines and cloud infrastructure. This position offers a high-impact opportunity to guide security strategy, mentor team members, and influence system design across complex enterprise environments. The ideal candidate combines deep technical expertise with strong communication skills, a security-first mindset, and hands-on experience in AWS, containers, and vulnerability remediation. Success in this role directly improves system resilience, mitigates threats, and strengthens organizational security posture.
Requirements
- 6+ years of professional experience in security engineering, vulnerability management, or related roles.
- Hands-on expertise in vulnerability remediation, lifecycle management, and automated security solutions.
- Strong understanding of cloud environments, especially AWS services (Route53, IAM, Security Groups, S3, CloudWatch, GuardDuty, Security Hub).
- Proficiency with containerization technologies and orchestration platforms.
- Experience with infrastructure-as-code (Terraform, Pulumi, CloudFormation) and CI/CD security integration.
- Solid knowledge of attack techniques, exploitability, supply chain risks, and APT tactics.
- Programming/scripting proficiency (Python) for automation of security workflows.
- Excellent written and verbal communication skills for collaboration and security documentation.
- Ability to work independently and within distributed teams, managing multiple priorities effectively.
Responsibilities
- Lead the vulnerability management program, including identification, prioritization, and remediation of security risks across infrastructure, cloud, and network environments.
- Collaborate with platform and development teams to implement secure design and operational best practices.
- Conduct vulnerability assessments, risk analysis, and develop automated workflows for detection and remediation.
- Oversee the integration of security tools and monitoring solutions, such as Jira, JupiterOne, Palo Alto Prisma, and AWS Security Hub.
- Maintain expertise in cloud security, IaC tools (Terraform, Pulumi, CloudFormation), container technologies, and CI/CD pipelines.
- Interpret CVSS and proprietary security scoring to escalate threats and coordinate mitigation with stakeholders.
- Mentor and support junior security team members, fostering knowledge sharing and growth.
- Document processes, incident responses, and security findings for internal and compliance purposes.
- Continuously evaluate emerging security technologies and practices to enhance program effectiveness.
Benefits
- Competitive salary range: $120,000â$200,000 USD.
- Equity opportunities and annual performance-based bonuses.
- Comprehensive medical, dental, and vision coverage.
- Retirement plans with employer match and tax-advantaged options.
- Paid time off, sick leave, and company-observed holidays.
- Professional development opportunities and mentoring programs.
- Fully remote work within the U.S., supporting flexible work-life balance.
- Access to cutting-edge security tools and a collaborative, high-impact team environment.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
