Principal Cyber Security Engineer
Job in Cheyenne, Laramie County, Wyoming, 82003, USA
Listed on 2026-06-11
Listing for: State of Wyoming
Full Time position
Job specializations: IT/Tech (Cybersecurity, Systems Engineer, Cloud Computing, IT Consultant)
Description and Functions
Open Until Filled
GENERAL DESCRIPTION:
The Principal Cyber Security Engineer is the state's primary technical authority for advanced endpoint defense, Zero Trust Architecture (ZTA), overarching cybersecurity architecture, and the resolution of high-complexity security incidents across a unique hybrid ecosystem. This position functions as a senior technical specialist responsible for engineering the enterprise security stack to protect both a progressive Google cloud environment (Google Workspace, GCP) and a robust Windows enterprise infrastructure.
The role handles "hard" incidents requiring advanced forensics and malware analysis, developing bespoke Python scripts and API integrations to bridge the gap between Google Workspace/GCP telemetry, CrowdStrike Falcon, and Active Directory. This position ensures a unified, compliant defensive posture, enabling the state to neutralize sophisticated threats across diverse operating environments, and provides strategic architectural guidance for all state agencies.
Working for the State of Wyoming offers more than a paycheck. Our total compensation package includes:
* Comprehensive health, dental, and vision insurance
* Paid vacation, sick leave, FMLA and holidays
* Retirement - Pension and 457B plans that help you build a secure future
* Flexible schedules and work-life balance options
* Meaningful work that makes a difference for Wyoming communities and MUCH MORE!
for detailed information, or you can watch this short video to learn about our benefit package!
Want to see the full value of your compensation beyond salary?
Explore our Total Compensation Calculator: (Use the "Apply for this Job" box below)..gov
Human Resource Contact:
Jennifer Erickson/jennifer.erickson1/
ESSENTIAL FUNCTIONS:
The listed functions are illustrative only and are not intended to describe every function that may be performed at this job level.
* Architectural Leadership & CISO Advisory: Serves as the state's lead security architect, defining overarching cybersecurity architecture across all domains, advising the CISO on emerging threats, evaluating enterprise-wide security investments, and setting state-wide technical standards.
* Endpoint & Zero Trust Engineering: Leads engineering for CrowdStrike Falcon and enterprise Zero Trust frameworks, architecting conditional access policies that securely bridge Google Environments with Active Directory.
* Infrastructure Optimization: Optimizes sensor and log ingestion across Windows servers, cloud-native workloads, and multi-cloud (GCP/Azure/AWS) environments to ensure 100% visibility.
* Tier 4 Incident Response: Serves as the final escalation point for the most complex security breaches, performing deep-dive forensics spanning memory analysis on obfuscated Windows malware to anomalous behavioral tracking within Google Workspace audit logs.
* Containment & Remediation: Reconstructs attack timelines, identifies persistence, and leads technical containment for state-level crises.
* Security Automation: Utilizes Python, PowerShell, and Bash to automate complex security workflows and builds custom API bridges utilizing Google Workspace Admin SDK, GCP Security Command Center, and CrowdStrike APIs to orchestrate automated response actions.
* Compliance-as-Code: Designs infrastructure security using IaC (Terraform/Ansible) to ensure all systems meet CJIS, IRS Pub 1075, and NIST 800-53 requirements by default.
* Infrastructure Hardening: Implements hardening baselines tailored for both cloud-native workloads and Windows systems based on emerging threat intelligence.
* Threat Modeling & Mentorship: Performs proactive threat modeling on new enterprise systems before deployment and provides technical mentorship to CSOC Analysts and junior engineers.
Qualifications
PREFERENCES:
Preference may be given to candidates with a proven track record of handling high-stakes breaches and managing enterprise-scale security platforms across hybrid Windows/Cloud environments.
Preference may be given to candidates with verifiable project history in custom security tooling and integration.
KNOWLEDGE:
* Mastery of general cybersecurity architecture, enterprise defense strategies, and unified threat management.
* Expert knowledge of the CrowdStrike Falcon platform, Real Time Response (RTR), sensor deployment, Windows kernel hardening, and Active Directory security.
* Deep expertise in securing Google Environments (Google Workspace, Google Cloud Platform (GCP) IAM, Security Command Center) and bridging cloud environments with Active Directory.
* Expert proficiency in Python and PowerShell for security automation and REST API interaction (especially Google Admin SDK and CrowdStrike APIs).
* Advanced knowledge of memory forensics, malware analysis, and cloud telemetry hunting via the MITRE ATT&CK framework.
* Working knowledge of applying CJIS, IRS Pub 1075, and NIST 800-53 controls to both cloud and local assets.
* Ability to translate complex technical risks into business terms for…