Principal Security Engineer (Architecture focus)
We’re looking for a senior-level security professional to lead the design and evolution of enterprise security architecture across a complex, primarily on-prem environment with growing cloud adoption. This role will define security standards, guide engineering teams, and ensure the organization’s infrastructure, applications, and data are protected against modern threats.
This is a high-impact position working cross-functionally with infrastructure, application development, and leadership teams to embed security into every layer of the technology stack.
What You’ll Do
- Own and drive the enterprise security architecture strategy
- Design secure solutions across infrastructure, applications, identity, and cloud platforms
- Partner with engineering and DevOps teams to integrate security into system design and deployment pipelines
- Establish and enforce security standards, frameworks, and best practices
- Lead threat modeling, risk assessments, and architecture reviews
- Evaluate and recommend security tools and technologies
- Provide technical leadership and mentorship to security and engineering teams
- Act as a key advisor to leadership on security posture, risk, and investments
- Support incident response and remediation from an architectural standpoint
What They’re Looking For
- 8+ years in cybersecurity, with a strong focus on architecture and design
- Deep experience across:
  - Network and infrastructure security
  - Identity and access management (AD, Azure AD / Entra ID)
  - Application and API security
  - Cloud security (AWS and/or Azure)
- Strong understanding of:
  - Security frameworks (NIST, CIS, ISO)
  - Zero Trust concepts
  - Threat modeling and risk management
- Experience working in hybrid environments (on-prem + cloud)
- Ability to influence teams without direct authority
- Strong communication skills—this is not a heads-down role
Nice to Have
- Experience in heavily regulated industries
- Familiarity with tools like SIEM, EDR, and vulnerability management platforms
- Relevant certifications (CISSP, SABSA, TOGAF, etc.)