Principal Security Engineer
Fintech · Tampa, FL · 3 wk ago
HybridInformation TechnologyFull-time
Key Responsibilities
- Ensure the day-to-day security service requests are fulfilled in a timely manner.
- Conduct cyclical internal reviews to maintain compliance with our SOC1/2 audit processes.
- Complete customer third-party risk management requests.
- Develop and execute comprehensive security strategies to safeguard enterprise systems, networks, and data.
- Design and implement security architectures, including network security, application security, and cloud security solutions.
- Evaluate and integrate new security technologies and tools to enhance the security posture of the organization.
- Conduct thorough risk assessments and vulnerability analyses to identify and mitigate potential threats.
- Perform threat modeling and security assessments for new and existing systems and applications.
- Develop and maintain security policies, standards, and procedures.
- Lead incident response efforts, including identification, containment, eradication, and recovery from security incidents.
- Conduct post-incident analysis and provide recommendations to prevent future occurrences.
- Collaborate with cross-functional teams, including IT, development, and operations, to integrate security into all aspects of the business.
- Communicate security risks, solutions, and strategies effectively to both technical and non-technical stakeholders.
Qualifications
- About Fintech Education: Bachelor’s degree in Computer Science, Information Security, or a related field preferred; equivalent experience can be substituted for degree or certifications.
- Experience: 8+ years of experience in cybersecurity, with a strong background in security engineering, risk management, and incident response.
- Proven experience designing and implementing security solutions in complex environments.
- Experience with cloud security (e.g., AWS, Azure, Google Cloud) and understanding of cloud security best practices.
- Technical Skills: Proficiency in security tools and technologies (e.g., SIEM, IDS/IPS, firewalls, encryption).
- Strong understanding of network protocols, operating systems, and application security.
- Experience with scripting and automation (e.g., Python, PowerShell, Bash) is a plus.
- Ability to leverage artificial intelligence tools and services as a force-multiplier for team and organization productivity.
- Certifications: Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
- Soft Skills: Exceptional problem-solving and analytical skills.
- Strong leadership, communication, and interpersonal skills.
- Ability to work effectively in a fast-paced and evolving environment.
- Act as a security champion across the organization.