Our Principal Engineer provides technical leadership to craft, build, deploy and support sophisticated Cybersecurity and Risk management tools and help drive Cybersecurity. Successful candidate will be principal subject matter and domain authority in one or more Cybersecurity functional areas – such as Cloud Migration, Cloud Security, DevOps Engineering, Cloud Security Access Broker, API Security, AWS/GCP/Azure cloud workload migration, instance provisioning/de-provisioning, automation of roles. This Principal Engineer will lead Engineers, analysts, domain authorities and collaborate with multiple technical and business teams to craft and build usable, stable and scalable solutions.
Responsibilities
- Be technical leader to help modernize and transform legacy IT and business systems and provide technical mentorship to other teams to securely systems helping minimize risk.
- Help improve policies, procedures, standards for Cybersecurity groups and develop blueprint for modernizing existing security to meet evolving business needs.
- Collaborate with Enterprise Architecture and Security Architects, principal engineers to brainstorm, design and develop frameworks aligning with NIST CSF standards.
- Provide technical leadership in driving Zero Trust Security approach and preparing the organization and technical teams to build up on foundational elements of Identity, Devices, Networks, Applications and Data.
- Apply understanding of various domains of security including authentication, authorization, network security, data, system device and Operating Systems, coding principles, development methodologies, web/mobile applications, use of public and private networks, devices and applications hosted in public/private/hybrid cloud environments
- Analyze risk and prioritization of vulnerability remediation using MITRE ATT&CK within the greater context of assets and the control stack
- Lead RED/BLUE/PURPLE teams as needed to test security controls and help improve security posture of M Health Fairview.
- Lead sophisticated projects related to Cybersecurity Engineering, automation, risk management, compliance and threat management areas.
- Support improvement, efficiency gains and innovative thinking. Coach and mentor team members as needed. Adapt change and demonstrate flexibility in taking up and fulfilling other duties as assigned.
- Participate and lead/represent M Health Fairview in industry forums and relevant technical briefings to understand advancements.
- Partner with DevOps and engineering leadership to help build cloud security automation into their pipelines
- Ensure that production platform in AWS/Azure have been hardened as per industry standards e.g. CIS benchmarks
- Deploy security tools with cloud workloads and integrate into cloud SIEM solutions
- Collaborate with senior management and department leaders to assess near- and long-term cloud security needs
Required
Education
- Bachelor’s degree in Computer Science, Computer Engineering, Technology Information Systems, Engineering or related technical field or combination of experience/education. (Degree preferred.)
Experience
- 15+ years of cumulative experience in architecture, design, customization/ development and/or support of IT Systems
- 7+ years of experience in customization, deployment and support of Cybersecurity tools and technologies
- Excellent understanding of fundamentals, frameworks, development methodologies, network, firewalls, communication layers, devices/end points, computing environment
- Deeper understanding of Threats, Threat Modeling, Security Vulnerabilities, Risk, Cybersecurity frameworks, policies and Cybersecurity standards
- Experience working crafting and/or engineering Web, Mobile, Cloud hosted Applications, software security, security frameworks
- Ability to author and edit scripts such as PowerShell, Python and domain expertise and knowledge of REST API and JSON batching and workflow automation
- Experience in implementing projects in agile/SecDevOps models
Preferred
Experience
- Prior experience in workload migration to cloud, application re-factoring, cloud capacity management, cloud broker, vulnerability management
License/Certification/Registration
- Technical certifications in any of the fields – Security technologies & tools, Development methodologies and frameworks, Cloud and Mobile applications
- Industry recognized professional certifications – Security+, TOGAF, SANS, CISSP, CISM, CISA