Principal Security Engineer - Temporary

About The Position

Requirements

• Minimum of 6 years of experience in information security engineering.
• Experience in identity/authentication, architecture, cloud security, and application security.
• Proficiency in designing security controls, security tools needs/assessments, and technologies services.
• In-depth knowledge of IAM solutions and protocols (e.g., LDAP, SAML, OAuth, OpenID).
• Expertise with cloud security principles, services, and controls in major cloud platforms (e.g., AWS, Azure, GCP).
• Expertise in application security concepts, tools, and techniques (e.g., secure coding practices, static and dynamic application security testing).
• Strong analytical and problem-solving skills with the ability to assess complex security challenges and develop effective solutions.
• Excellent written and verbal communication skills with the ability to communicate technical concepts to non-technical stakeholders.
• Proven ability to lead and influence cross-functional teams and drive security controls.
• Be a security evangelist with the technology teams.

Nice To Haves

• Relevant certifications (e.g., CISSP, CISM, CEH).
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.

Responsibilities

• Design, validate, implement, and document security infrastructure.
• Collaborate amongst Technology groups to support the internal user base and uphold InfoSec initiatives.
• Architect and assist with the implementation of security controls, tools, and technologies to protect information assets from internal and external threats.
• Collaborate with engineering teams to integrate security into the development and deployment processes.
• Architecture of the future for Identity.
• Design and implement strategies for IAM solutions to manage user identities, access rights, and privileges across on-premises and cloud environments.
• Establish authentication, authorization, and access control mechanisms to enforce security policies effectively.
• Architecture of Zero Trust.
• Architect and implement security controls and best practices (SASE) for cloud infrastructure (e.g., AWS, Azure, Google Cloud) to protect data and workloads in cloud environments.
• Evaluate and recommend security services and technologies to enhance cloud security posture.
• Collaborate with development teams to integrate security into the software development lifecycle (SDLC) and ensure secure coding practices are followed.
• Conduct security assessments, code reviews, and penetration testing to identify and remediate application security vulnerabilities.
• Ensure compliance with industry standards, frameworks, and regulations related to information security (e.g., NIST, ISO/IEC 27001, PCI DSS).
• Develop and maintain security policies, standards, and procedures to align with regulatory requirements.

Benefits

• 401 (k) with employer match
• Medical, dental, and vision with HSA and FSA options
• Competitive vacation and sick time off, as well as dedicated volunteer days
• Access to wellness support through Employee Assistance Program, physical and mental health wellness programs
• Pet care discounts for your furry family members
• Financial support in times of hardship with our Achieve Care Fund
• A safe place to connect and a commitment to diversity and inclusion through our six employee resource groups