Principal Cybersecurity Eng

JOB SUMMARYPrincipal Cyber Security Engineer for the IT Security Assurance group will develop technical solutions and provide strategic consultation to solve complex IT Security challenges. Provide IT Security Assurance oversight to develop, design and manage ongoing initiatives to reduce the risk of rapidly changing cyber threats to the business leveraging a deep understanding of the Cyber Security threats faced by the organization. Responsible for partnering with internal and external departments within Information Technology as well as business stakeholders in the organization to proactively identify security deficiencies and emerging risks for all IT and IT Security controls on a continual basis. This position will also provide the business with technical guidance and solutions to satisfy a variety of regulatory monitoring requirements. In addition, this position will serve as a subject matter expert for the initiatives and drive recommendations to the continuous monitoring program and serve as escalation point in absence of leadership for team members and external department inquiries.MAJOR DUTIES AND RESPONSIBILITIESActively and consistently supports all efforts to simplify and enhance the customer experience.Establish and provide strategic consultation to automate technical solutions to continually assess the security posture of the organization through the use of innovative solutions to solve complex IT Security challenges.Leads the design, development and implementation of security controls to support the adherence to IT Security controls.Present complex security requirements to Executive and IT management, IT staff, peers and non-technical team members to drive understanding, awareness, and adoption of sound security practices.Designs, develops and provides recommendations of the data visualization of IT Security scorecard based on industry best practices to drive a solution to identify issues.Develop in-depth technical processes for the most highly complex workflows in order to provide continuous, ongoing monitoring of all IT systems from a security standpoint.Design and develop automated processes through scripts, reporting and automation capabilities to support internal IT Security continuous monitoring fluence and recommend sound technical guidance, support and in depth testing a variety of regulatory compliance requirements to the business for the implementation of sound security controls within the corporate ecosystem.Assign work to Cybersecurity Engineering team given complex security requirements and continuous monitoring program requirements and deadlines. Provide professional development (i.e. coding best practices, data visualization, etc.) to team.Develop and present root cause and trending analysis reports regarding security and compliance programs to senior leadership with IT Security, business partners, and peer departments to drive awareness and optimize continuous improvement initiatives.Liaise with other business teams to gain understanding of operational requirements on new project initiatives (implementing new and upgrading business applications, decommissioning systems, etc.) to align with IT Security, Regulatory, and Compliance standards and frameworks.Partner with technical business stakeholders to successfully mitigate security risk to the business through the continuous security monitoring process and the development and publication of security assurance anize project and communication plans and provide updates to the IT Security and Compliance and IT Operations terpret, analyze and maintains IT Security standards, guidelines and regulations and provide recommendations to business partners on process improvement.Maintain deep subject matter expertise of current cybersecurity threats in order to respond effectively to assessment and evaluation of security controls and continuous monitoring of existing security controls.Research emerging risk and threats to establish a cohesive strategy to present information to IT Security leadership and key business stakeholders.Facilitate continuous performance improvement sessions and recommend opportunities to improve processes or standardsServe as escalation point in absence of leadership for team members and external departments inquiries.Collaborate with other team members and leadership teams on projects, issues, and remediation issues.Perform other duties as assigned.REQUIRED QUALIFICATIONSRequired Skills/Abilities and KnowledgeAbility to read, write, speak and understand EnglishExpert knowledge of security frameworks such as PCI, SOX, HIPAA, NIST 800-53, Cybersecurity and/or other federal, state and industry areas of compliance.Expert knowledge of security system configuration and data visualization.Expert knowledge of File Integrity Monitoring process, Firewall Review process, Data Loss Prevention and Patch Management Methodologies a plus.Expert knowledge of OS (operating systems), IP networks, and database and application functionality.Expert knowledge of application layers, networking, and system administration in order to interpret data.Ability to present technical concepts to non-technical audiences.Ability to communication with all levels of leadership, internal/external departments and peers,Strong analytical and critical thinking skills to identify patterns or indicators of non-compliance.Foster and maintain strong relationships with Senior Leadership, IT Staff and peers as demonstrated through an effective and efficient compliance program.Strong organization and time management skills.Ability to manage multiple tasks / projects while ensuring deadlines are met.Ability to perform duties in a very fast pace environment and ability to learn new technology quicklyAbility to demonstrate lateral thinking required to solve complex technical problems to provide outside the box solutions.Ability to perform duties in a dynamic technological environment and ability to learn new technology quicklyRequired EducationBachelors degree in BA or BS Management Information Systems, Computer Science, Cybersecurity, and/ or business related discipline, or equivalent work experienceRequired Related Work Experience and Number of YearsIT Security and/or Corporate Risk Work experience - 8+Information Assurance, Risk, and Cybersecurity Program governance 4+ experience. - 4+PREFERRED QUALIFICATIONSPreferred Skills/Abilities and KnowledgePreferred EducationOne of the following or equivalent certifications required or in the process of obtaining:CISSP Certified Information Systems Security ProfessionalCISM - Certified Information Security TechnologistCISA - Certified Information Systems AuditorPython 2.0 or 3.0PowerShellSQLTableau Data VisualizationSplunkMS Office ExcelPreferred Related Work Experience and Number of YearsExperience working with Tripwire, Tableau, or File Integrity Monitoring - 1+WORKING CONDITIONSOffice environmentTravel up to 10% required ISE605 305135 305135BR RequiredPreferredJob IndustriesTransportation

Created: 2025-10-04