Principal, Security Engineer

About The Position

Requirements

• Bachelor's degree in engineering, Computer Science, Information Technology, or a related field.
• Minimum of 8-10 years of experience in security, with at least 3 years in a senior or architect role.
• Strong knowledge of security frameworks (e.g., NIST, ISO 27001) and proficiency in security technologies such as firewalls, intrusion detection systems, SIEM, SOAR, XDR, Email Security, DLP, CASB, CNAPP, Vulnerability Scanning, Threat Intelligence and automated Penetration Testing.
• Experience with cloud security (AWS, Azure) and understanding of cloud-native security practices.
• Proficiency in designing and implementing Zero Trust security models, including secure network strategies, strong authentication policies, and risk management frameworks.
• Expertise in building cyber resiliency, including developing incident response plans, conducting threat intelligence analysis, and ensuring business continuity during and after cyber incidents.
• Strong understanding of network protocols, secure network architecture, and experience with configuring and managing firewalls, intrusion detection systems, and encryption solutions.
• Expertise in IAM principles and best practices, including user identity management, role-based access control (RBAC), single sign-on (SSO), multi-factor authentication (MFA), and identity governance.
• Proficiency in data security strategies, including data encryption, data loss prevention (DLP), secure data storage, and data integrity measures.
• Proficiency in endpoint protection strategies, including anti-malware solutions, host-based intrusion detection systems (IDS/IPS), endpoint hardening, and mobile device management.
• Solid knowledge of IoT security principles, including cryptography, identity and access management, and secure network architecture for IoT devices.
• Experience with DevSecOps practices, including integrating security into the software development lifecycle, automating security processes, and using tools for continuous security monitoring.
• Experience in product security, including identifying and mitigating security risks within products, collaborating with development teams, and ensuring products meet industry best practices for security.
• Excellent analytical and problem-solving skills, with the ability to work under pressure and handle complex security issues.
• Strong communication and leadership skills, with the ability to effectively convey security concepts to both technical and non-technical stakeholders.

Responsibilities

• Develop and implement robust security architectures for enterprise-level systems, ensuring alignment with business objectives and regulatory requirements.
• Create, update, and enforce security policies, standards, and procedures to protect the organization's information assets.
• Conduct comprehensive risk assessments and vulnerability analyses to identify potential security threats and develop mitigation strategies.
• Work closely with IT, development, and business teams to integrate security measures into all aspects of the organization, including software development, network infrastructure, and cloud services.
• Lead and coordinate incident response efforts, providing expertise during security breaches and ensuring effective resolution and documentation.
• Stay updated on the latest security technologies, trends, and threats, and recommend improvements to enhance the organization's security posture.
• Mentor and guide junior security team members, fostering a culture of continuous learning and professional development.

Benefits

• Competitive Medical, Dental, and Vision plans with a large employer contribution
• 401(k) Retirement Plan with company match
• Generous Mental Health Support services
• Legal services
• Virtual Physical Therapy access
• Fertility & Family Forming benefits