Principal Security Engineer
Indexed description
Key Responsibilities
- Security Operations and Governance:
- Ensure the day-to-day security service requests are fulfilled in a timely manner.
- Conduct cyclical internal reviews to maintain compliance with our SOC1/2 audit processes.
- Complete customer third-party risk management requests.
- Security Strategy and Design:
- Develop and execute comprehensive security strategies to safeguard enterprise systems, networks, and data.
- Design and implement security architectures, including network security, application security, and cloud security solutions.
- Evaluate and integrate new security technologies and tools to enhance the security posture of the organization.
- Risk Assessment and Management:
- Conduct thorough risk assessments and vulnerability analyses to identify and mitigate potential threats.
- Perform threat modeling and security assessments for new and existing systems and applications.
- Develop and maintain security policies, standards, and procedures.
- Incident Response and Investigation:
- Lead incident response efforts, including identification, containment, eradication, and recovery from security incidents.
- Conduct post-incident analysis and provide recommendations to prevent future occurrences.
- Coordinate with internal teams and external stakeholders during and after security incidents.
- Leadership and Mentoring:
- Provide technical leadership and guidance to other engineers and teams.
- Mentor and support engineers in security concerns, fostering a culture of continuous learning and improvement.
- Drive security best practices and promote a security-first mindset across the organization.
- Collaboration and Communication:
- Work closely with cross-functional teams, including IT, development, and operations, to integrate security into all aspects of the business.
- Communicate security risks, solutions, and strategies effectively to both technical and non-technical stakeholders.
- Stay current with emerging security threats, technologies, and industry trends, and adapt strategies accordingly.
- Education:
- Bachelor’s degree in Computer Science, Information Security, or a related field preferred; equivalent experience can be substituted for degree or certifications.
- Experience:
- 8+ years of experience in cybersecurity, with a strong background in security engineering, risk management, and incident response.
- Proven experience designing and implementing security solutions in complex environments.
- Experience with cloud security (e.g., AWS, Azure, Google Cloud) and understanding of cloud security best practices.
- Technical Skills:
- Proficiency in security tools and technologies (e.g., SIEM, IDS/IPS, firewalls, encryption).
- Strong understanding of network protocols, operating systems, and application security.
- Experience with scripting and automation (e.g., Python, PowerShell, Bash) is a plus.
- Ability to leverage artificial intelligence tools and services as a force-multiplier for team and organization productivity.
- Certifications:
- Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
- Soft Skills:
- Exceptional problem-solving and analytical skills.
- Strong leadership, communication, and interpersonal skills.
- Ability to work effectively in a fast-paced and evolving environment.
- Act as a security champion across the organization.
Fintech is a Drug-Free Workplace. Fintech is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. Fintech’s management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, access to facilities and programs and general treatment during employment.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search