Principal Cybersecurity Engineer

Principal Security Engineer

Our flexible/hybrid work schedule includes 3 in-person days at one of our core locations and 2 remote days. Core office locations include Salisbury, NC and Quincy, MA.

Applicants must be currently authorized to work in the United States on a full‑time basis.

• Set enterprise security architecture, reference patterns, and guardrails for cloud, network, platform, and application domains, including hybrid and on-premises infrastructure.
• Design scalable controls and “secure by default” blueprints that teams reuse to accelerate delivery and reduce technical debt.
• Drive security as code practices, integrating automated controls into CI/CD pipelines and cloud native workflows.
• Lead threat modeling, risk assessments, and security design reviews for complex initiatives and critical systems. Orchestrate incident response for high severity events, ensuring rapid triage, root cause analysis, and durable remediation.
• Standardize vulnerability management across infrastructure and software layers, prioritizing remediation based on risk and business impact.
• Integrate identity, access, and secrets management into platform and application architectures, aligning to least privilege and zero trust principles.
• Guide performance monitoring, logging, and detection engineering to improve signal quality and reduce mean time to detect/respond.
• Partner with Technology, Compliance, and business leaders to embed security into evaluation, selection, installation, and configuration of products.
• Collaborate with teams supporting enterprise networks, on-prem data centers, and distributed operational environments to ensure secure connectivity, segmentation, and baseline enforcement.
• Support governance of Azure services, subscriptions, connectivity, and administrative models.
• Help define and maintain security baselines for servers, platforms, and cloud services, including hardening standards for hybrid infrastructure.
• Mentor engineers at all levels; elevate secure coding, testing, automation, and operational excellence across teams.
• Influence roadmap priorities using data, metrics, and risk quantification to support informed trade‑off decisions.
• Evangelize modern engineering practices (Agile/Kanban/Lean), ensuring security enhances – not hinders – developer and customer experience.
• May be called upon to support critical escalations and must be available during urgent IT incidents as needed.

• Bachelor’s degree or equivalent years of work experience.
• 10+ years in progressive experience in cybersecurity, with significant experience in security engineering and architecture roles.
• Demonstrated leadership in enterprise security architecture for cloud platforms (e.g., Azure, AWS, or GCP), networks, and platforms, including hybrid and on‑premises environments.
• Proven depth in identity and access management, key and secrets management, and zero trust concepts.
• Strong proficiency with infrastructure as code (e.g., Terraform or Bicep), configuration management, and policy as code.
• Expertise in security information and event management (SIEM), endpoint detection and response, and detection engineering.
• Advanced skills in scripting/automation (e.g., Python or Power Shell) to codify controls, tests, and runbooks.
• Excellent communication and executive influencing skills; able to translate risk and complexity into clear, actionable decisions.
• Experience working in distributed or multi‑site operational environments is a plus.

• Experience building platform security capabilities (e.g., cloud security posture management, workload protection, container security).
• Hands‑on knowledge of application security (secure SDLC, dependency scanning, and runtime protections).
• Familiarity with PCI DSS, SOX, HIPAA, or similar frameworks; practical experience operationalizing compliance.
• Industry certifications (e.g., CISSP, CCSP, GIAC, OSCP) or equivalent portfolio of work.
• Experience with segmentation design, network architecture, or securing retail or regulated operational environments.

ME/NC/PA/SC: $108,880 - $163,320. IL/MA/MD/NY: $125,200 - $187,800. Actual compensation offered to a candidate may vary based on unique qualifications, experience, internal equity, and market conditions.