Principal Security Engineer

Cboe Global Markets•Overland Park, KS

11d•Hybrid

About The Position

The Principal Information Security Engineer is a senior member of Cboe’s Security Engineering team, responsible for defining and driving the enterprise-wide security architecture, strategy, and long-term technical direction across a broad portfolio of security technologies. This includes Security Incident and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR) and case management, Endpoint Detection and Response (EDR), secure email gateways, and data loss prevention (DLP) solutions across endpoint and email environments. This role is not limited to a single tool or domain. Instead, the Principal Engineer owns multiple platforms and end-to-end security capabilities, establishing reference architectures, engineering standards, and scalable design patterns that guide engineering teams across the organization. As a recognized technical authority, this individual operates with a high degree of autonomy, setting strategic direction rather than executing on predefined plans. The role is critical in addressing complex, ambiguous, and cross-functional security challenges, with decisions that directly influence Cboe’s overall security posture and risk profile. The ideal candidate brings deep expertise across the full IT landscape, including security, infrastructure, networking, endpoints, servers, and emerging technologies—and leverages that knowledge to lead the design, development and deployment of durable, scalable, and secure solutions aligned to evolving business and threat environments.

Requirements

Proven principal-level experience (minimum 10 years) in information security, with recognized, authoritative depth across multiple security domains and a strong focus on architecture, engineering, and operations.
Experience and knowledge on current security technologies (Databahn, Google Secops, Bindplane, ProofPoint, Microsoft Security)
Proficiency in scripting and automation for security operations.
Experience with Linux/Unix and Windows administration, including Active Directory (AD) and EntraID.
Proficiency with the Microsoft Security Stack (Defender for Endpoint, Defender for Identity, Defender for CloudApps, Purview DLP, Intune)

Nice To Haves

Bachelor's Degree in Cybersecurity or Computer Science
System Administration experience in Linux and Windows
Proven ability to script and automate tasks
Specific experience with Google Secops SIEM, the Microsoft Security Stack, or ProofPoint Email Security Services
CISSP, CASP or other related security certifications

Responsibilities

Serve as a recognized technical authority across IT, Security, and Leadership, translating complex technical risk into clear business and regulatory context for executives, security leaders, and stakeholders including legal and regulatory teams.
Design, implement, and govern comprehensive security solutions across multiple platforms utilizing a variety of security tools, programming languages, and services, operating with near-complete autonomy.
Design automation and engineering patterns that enhance the efficiency, scalability, and durability of security operations enterprise-wide.
Define how diverse technologies are normalized and integrated end-to-end to streamline analysis and response capabilities across environments.
Mentor Senior and junior engineers as a technical role model, and document the standards and engineering patterns governing complex security products and services.
Identify systemic risk across the organization’s security posture and design enterprise-wide mitigations and remediation strategies.
Introduce new methodologies, reference architectures, and operating models to resolve systemic security challenges and advance the security program.
Lead enterprise technology evaluations and adoption decisions, assessing the relevance and long-term impact of emerging technologies on our security posture.
Define, own, and enforce engineering standards, continuously assessing the effectiveness of security controls and driving improvements across the enterprise.
Shape and drive the security engineering strategy and roadmap, influencing senior engineers, and leaders across organizations.
Partner with and influence cross-functional teams to embed security into the development lifecycle and operational processes.
Lead security assessments and audits, ensuring compliance with internal policies and external regulations.
Lead the technical response for the highest-severity incidents, directing containment, investigation, and recovery efforts.
Stay at the forefront of industry trends, security standards, and best practices, ensuring Cboe’s systems remain resilient against evolving threats.

Benefits

Fair and competitive salary and incentive compensation packages with an upside for overachievement
Generous paid time off, including vacation, personal days, sick days and annual community service days
Health, dental and vision benefits, including access to telemedicine and mental health services
2:1 401(k) match, up to 8% match immediately upon hire
Discounted Employee Stock Purchase Plan
Tax Savings Accounts for health, dependent and transportation
Employee referral bonus program
Volunteer opportunities to help you give back to your communities
Complimentary lunch, snacks and coffee in any Cboe office
Paid Tuition assistance and education opportunities
Generous charitable giving company match
Paid parental leave and fertility benefits
On-site gyms and discounts to other fitness centers