Principal Security Engineer
Responsibilities
- Lead major cybersecurity incidents from detection through containment, eradication, recovery, and post-incident review, including participation in the on-call rotation.
- Serve as the top escalation point for complex, high-severity incidents, ensuring rapid and effective resolution.
- Develop, maintain, and optimize incident response playbooks, runbooks, and escalation procedures.
- Oversee enterprise-wide monitoring of networks, cloud, and endpoints for threats, vulnerabilities, and anomalous activity.
- Advance detection capabilities using EDR, SIEM, and behavioral analytics aligned with MITRE ATT&CK. Act as subject matter expert on EDR and SIEM.
- Design and implement automation frameworks (Python, PowerShell, AWS Lambda) to streamline response workflows and reduce manual effort.
- Integrate AI/ML models into security monitoring and response processes for enhanced detection accuracy and prioritization.
- Conduct forensic investigations and threat hunting to identify root causes and emerging threat patterns.
- Collaborate cross-functionally with infrastructure, application, and network teams to enforce secure configurations and compliance.
- Mentor and guide incident response analysts, fostering technical growth and operational excellence.
- Communicate effectively with executives and technical teams during and after incidents, producing clear reports and recommendations.
- Drive continuous improvement in detection, response, and prevention strategies to strengthen enterprise security posture.
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field
- Must have CISSP Certification (Current and active)
- 6+ years of experience in enterprise cybersecurity at scale
- 5+ years of experience with EDR, SIEM, email and network security
- 3+ years of experience with cloud environment security, scripting/coding
- Extensive knowledge of the incident response process and lifecycle, ability to contribute to policy and procedure.
- Ability to respond to security alerts/incidents and drive the process start to finish
- Ability to use generative AI in day-to-day operations as a force multiplier
- Strong technical written and verbal communication skills, ability to document and present details on incidents
- Strong analytic skills, able to analyze security incidents for root cause, resolution, lessons learned, and improvements
- Excellent communication and leadership skills, with the ability to influence across technical and executive teams
What will set you apart:
- Additional certifications (SANS, GIAC, CCSP, AWS, CEH, OSCP, etc.)
- Experience in a DevSecOps environment (Infrastructure as code, Terraform, Git)
- Experience developing automation frameworks leveraging scripting languages (Python, PowerShell, Bash) and serverless technologies (e.g., AWS Lambda) to accelerate response workflows and reduce manual effort.
- Experience automating repetitive tasks such as enrichment, correlation, containment.
- Ability to integrate AI and machine learning models into security monitoring and response workflows to improve detection accuracy, reduce false positives, and prioritize threats.
- Ability to create AI-driven anomaly detection, behavioral analysis, and natural language processing for log analysis, phishing detection, and threat intelligence enrich
Additional Information
Our vision for the future is based on the idea that transforming financial lives starts by giving our people the freedom to transform their own. We have a flexible work environment, and fluid career paths. We not only encourage but celebrate internal mobility. We also recognize the importance of purpose, well-being, and work-life balance. Within Empower and our communities, we work hard to create a welcoming and inclusive environment, and our associates dedicate thousands of hours to volunteering for causes that matter most to them. Chart your own path and grow your career while helping more customers achieve financial freedom. Empower Yourself.

***Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa at this time, including CPT/OPT.***

The Information Security Principal Engineer is responsible for contributing to, and strengthening, the corporate Information Security program. This is a technical position that requires knowledge of security industry standards, the ability to establish and audit security operational functions, and the ability to provide technical security recommendations and/or solutions. This position develops, updates, documents, and maintains security standards and policies for the organization. This position assists in ensuring that secure computing practices are established and communicated throughout the organization, and that the business is conducted in accordance with established guidelines and regulatory requirements. This position also contributes to security due diligence assessments on current and prospective vendors and products.