Senior Principal Security Engineer - East Coast or Midwest

As a Sr. Principal Security Engineer at MKS Inc., you will be a partner with all Engineering Teams, Operations Teams, Business Units, Field Services, and Vendors as required to perform engineering design and implementation of the company’s internal network and data communications systems, with a focus on overall network security protocols. In this role, you will report to the Director of IT Connectivity.

• Owning and driving the enterprise Zero Trust and SASE security architecture roadmap, ensuring alignment with business and regulatory requirements
• Designing, implementing, and evolving secure data communications networks, including on-prem, cloud and hybrid environments with AWS and Microsoft Azure
• Defining and enforcing network segmentation strategies across IT and OT environments to reduce risk and support operational resiliency
• Owning the enterprise network security architecture and continuously improving designs based on industry standards, emerging threats, and organizational needs
• Serving as the primary Subject Matter Expert (SME) for network security best practices, standards, and procedures
• Acting as a technical escalation point for complex network security issues across engineering, operations and partner teams
• Defining, implementing, and governing network security standards and best practices across the enterprise infrastructure
• Travel Requirements:
  Up to 0-5% of travel is required

• Bachelor’s Degree or Trade Certification in Computer related fields preferred or equivalent work experience
• Minimum 12+ years of experience in Security and Networking technology environments
• Industry certifications such as PCNSA/PCNSE, CCNP, or CISSP or equivalent (preferred)
• Experience with network and security platforms including Clear Pass, Solar Winds, Cisco Umbrella, Infoblox, Cisco Thousand Eyes, and Prisma
• Strong hands‑on experience in establishing security policy governance and designing, deploying, and managing firewall solutions using Fortinet and Palo Alto firewalls

• Remote access technologies (SSL, IPSec) and site‑to‑site VPN
• Network
  
  Skills:
  
  TCP/IP, routing protocols (EIGRP, BGP, MPLS, IPSec VPN), Layer2/3 switching and VLAN configuration, Firewall security policy
• Familiar with authentication services:
  Radius, TACACS/TACACS+, 802.1x

• Reporting Relationships:
  No direct management responsibilities but as a Sr. Principal Engineer projecting a leadership presence to the rest of the team as a technology owner is required
• Financial Responsibilities:
  Works with management to align work to budget requirements

• US requirement due to Americans with Disabilities Act (ADA). However, each country is different due to employment laws, so HR Partner discretion is advised. See HR Partner with any questions.
• Perform activities such as sitting, standing, or typing for extended periods of time
• Experience maintaining and supporting network infrastructure in a 24/7, On‑Call model
• Must be able to communicate information and ideas so others will understand
• Must be able to exchange accurate information
• Operates in a professional office environment
• Constantly operates a computer and other office productivity machinery

• Ability to take and follow directions and instructions
• Ability to interact with other employees, customers, suppliers, vendors, or the public, in a safe, professional, and respectful manner
• Access to sensitive and confidential business systems and software, personally identifying information, the company’s financial information, and/or the ability to maintain physical security and safety
• Because this position involves the above material job duties, trustworthiness, reliability, and good judgment also are material job duties

Salary Pay Range: $ – $ per year. This range is a good faith estimate of the expected salary range for this position, based on a wide range of factors including qualifications, experience and training, operational and business needs and other considerations permitted by law.

Bonus:
This position is eligible for a discretionary annual bonus, in an amount to be determined by MKS or as applicable.

Benefits: MKS offers a comprehensive benefits package, including health insurance coverage (medical, dental and vision), 401(k) with company match, life and disability insurance, 12 paid holidays, sick time, 15 paid vacation days, [6 weeks fully paid] parental leave, adoption assistance and tuition reimbursement [and for participation in any stock programs, signing bonus, etc.

MKS will consider qualified applicants with a criminal history pursuant to the California Fair Chance Act and the Los Angeles County Fair Chance Ordinance for Employers.