OVERALL DESCRIPTION

The Principal Security Engineer is responsible for designing, implementing, and maintaining advanced security solutions to protect the organization's infrastructure, systems, and data. This role focuses on threat detection, incident response, vulnerability management, and proactive defense. As a senior member of the security team, the engineer provides technical leadership, mentors junior staff, and ensures security best practices are integrated across the enterprise.

SPECIFIC RESPONSIBILITIES

• Designs and implements security solutions including Zero Trust, Endpoint, SIEM, IAM, DLP, and cloud security technologies.
• Evaluates and integrates new security tools such as Zscaler/CrowdStrike and technologies to improve the organization's security posture.
• Architects secure systems and networks in alignment with industry's best practices and organizational needs.
• Monitors security incidents, performing root cause analysis and forensics as needed.
• Leads incident response efforts and coordinate with internal and external stakeholders.
• Develops and maintains playbooks for common security incidents and scenarios.
• Performs regular 3rd party risk and vulnerability assessments, penetration tests across systems and applications.
• Collaborates with DevOps, IT, and application teams to remediate vulnerabilities and reduce attack surfaces.
• Maintains up-to-date knowledge of emerging threats and vulnerabilities and apply mitigations accordingly.
• Ensures systems and controls align with regulatory and compliance requirements (e.g., HIPAA, PCI-DSS, SOX).
• Supports internal and external audits with evidence and technical explanations.
• Assists in the development and enforcement of security policies and procedures.
• Secures cloud environments (AWS, Azure), including identity management, logging, and workload protection.
• Hardens operating systems, databases, and applications across cloud and on-prem environments.
• Works with infrastructure teams to ensure secure design and configurations (e.g., segmentation, least privilege).
• Mentors junior security engineers and analysts.
• Leads security projects and contribute to long-term security strategies.
• Collaborates across teams to embed security into DevOps (DevSecOps), infrastructure, and software development processes.
• Complies with all Authority and departmental safety and security policies and procedures as well as all applicable job safety responsibilities. Reports any safety concerns, compromises or hazards affecting operations, the public self and/or other employees. Responsible for personal safety and is encouraged to promote the safety of others.
• Performs other duties as assigned.
   

QUALIFICATIONS AND EXPERIENCE

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field is required.
• Master's degree or equivalent relevant experience is preferred.
• Minimum of 7 years of hands-on experience in cybersecurity is required.
• Strong background in network, application, and cloud security is required.
• Experience leading incident response efforts and building secure systems is required.
• Proficiency with security tools such as Zscaler, CrowdStrike, SIEMs (Splunk, QRadar, Sentinel), EDR (CrowdStrike, Defender), IDS/IPS, and OLP is required.
• Experience with scripting and automation using Python, PowerShell, or Bash is required.
• Deep understanding of protocols including TCP/IP, DNS, HTTP, TLS, and VPN is required.
• Familiarity with DevSecOps tools and CI/CD security integration is required.
• Strong communication and documentation skills are required.
• Ability to work independently and manage multiple priorities is required.
• Demonstrated ability to mentor and lead others on technical topics is required.
• Professional certifications such as CISSP, OSCP, GIAC (e.g., GSEC, GCIA, GCIH, GPEN), AWS/Azure/GCP Security, and CompTIA Security+ are preferred.