
Principal Security Engineer
Empower
full-time
Location Type: Remote
Location: Remote • 🇺🇸 United States
Salary
💰 $135,300 - $196,125 per year
Job Level
Lead
Tech Stack
AWS, Cloud, Cyber Security, Python
About the role
- Lead major cybersecurity incidents from detection through containment, eradication, recovery, and post-incident review, including participating in the on-call rotation
- Serve as the top escalation point for complex, high-severity incidents, ensuring rapid and effective resolution
- Develop, maintain, and optimize incident response playbooks, runbooks, and escalation procedures
- Oversee enterprise-wide monitoring of networks, cloud, and endpoints for threats, vulnerabilities, and anomalous activity
- Advance detection capabilities using EDR, SIEM, and behavioral analytics aligned with MITRE ATT&CK
- Act as subject matter expert on EDR and SIEM
- Design and implement automation frameworks (Python, PowerShell, AWS Lambda) to streamline response workflows and reduce manual effort
- Integrate AI/ML models into security monitoring and response processes for enhanced detection accuracy and prioritization
- Conduct forensic investigations and threat hunting to identify root causes and emerging threat patterns
- Collaborate cross-functionally with infrastructure, application, and network teams to enforce secure configurations and compliance
- Mentor and guide incident response analysts, fostering technical growth and operational excellence
- Communicate effectively with executives and technical teams during and after incidents, producing clear reports and recommendations
- Drive continuous improvement in detection, response, and prevention strategies to strengthen enterprise security posture
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field
- Must have CISSP Certification (Current and active)
- 6+ years of experience in the realms of enterprise cybersecurity at scale
- 5+ years of experience with EDR, SIEM, email and network security
- 3+ years of experience with cloud environment security, scripting/coding
- Extensive knowledge of the incident response process and lifecycle, ability to contribute to policy and procedure
- Ability to respond to security alerts/incidents and drive the process start to finish
- Ability to use generative AI in day-to-day operations as a force multiplier
- Strong technical written and verbal communication skills, ability to document and present details on incidents
- Strong analytic skills, able to analyze security incidents for root cause, resolution, lessons learned, and improvements
- Excellent communication and leadership skills, with the ability to influence across technical and executive teams
Benefits
- Medical, dental, vision and life insurance
- Retirement savings – 401(k) plan with generous company matching contributions (up to 6%)
- Tuition reimbursement up to $5,250/year
- Business-casual environment that includes the option to wear jeans
- Generous paid time off upon hire – including a paid time off program plus ten paid company holidays and three floating holidays each calendar year
- Paid volunteer time — 16 hours per calendar year
- Leave of absence programs – including paid parental leave, paid short- and long-term disability, and Family and Medical Leave (FMLA)
- Business Resource Groups (BRGs) – BRGs facilitate inclusion and collaboration across our business internally and throughout the communities where we live, work and play. BRGs are open to all.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
incident response, forensic investigations, threat hunting, automation frameworks, scripting, cloud security, EDR, SIEM, behavioral analytics, MITRE ATT&CK
Soft skills
technical communication, analytical skills, leadership, mentoring, collaboration, problem-solving, influencing, reporting, continuous improvement, operational excellence
Certifications
CISSP