Job Description
About the Role
As a Principal Engineer, you will serve as the primary visionary for how our risk data is structured, analyzed, and automated, acting as the bridge between the Cybersecurity Risk organization and our Engineering teams.
About You
Key Responsibilities & Focus Areas
Strategic Technical Translation: Architect high-level business and security "end-states" into sophisticated process designs and technical specifications. You will own the translation of risk philosophy into the logic used by our engineering squads.
Risk Domain Authority: Serve as the definitive Subject Matter Expert (SME) for defining risk metrics and calculation methodologies, specifically within:
Enterprise Risk (ERM): Designing and implementing data-driven risk frameworks (e.g., NIST, FAIR) through sophisticated automation.
Third-Party Risk (TPRM): Architecting systems for automated due diligence, continuous monitoring, and assessment scoring for our vendor ecosystem.
Technical Implementation Lead: While not managing people, you will lead the technical direction for software engineers focused on data pipelines (ELT) and tool development, ensuring the architectural integrity of the final product.
Process Engineering: Design and optimize automated internal processes, leveraging security telemetry to drive automated identification, prioritization, and remediation of risks at scale.
Cross-Functional Influence: Champion security risk automation across the organization, mentoring junior engineers and influencing stakeholders on best practices for data-driven risk modeling.
Essential Technical & Domain Qualifications
Software Engineering & Development: Strong background in software engineering principles (SDLC, version control, API design). Must be proficient in at least one programming or scripting language (e.g., Python, Go, or Java) and capable of performing code reviews or building proof-of-concept (PoC) scripts for risk models and automated workflows.
Mastery of Cybersecurity Risk: A proven track record of designing and implementing Enterprise and Third-Party Risk Management (TPRM) programs at scale.
Architectural Design: Demonstrated ability to take a blank slate and define complex security processes, translating them into technical user stories, functional specifications, and logic diagrams.
Technical Influence: Experience leading the technical roadmap for software engineering teams or data scientists without direct reporting authority (e.g., Lead, Principal, or Staff level experience).
Data & Automation Engineering: High proficiency in data pipeline logic, ELT/ETL processes, and data quality assurance, specifically as they apply to automating security telemetry.
Advanced Risk Modeling: Expertise in quantitative risk analysis (e.g., Monte Carlo simulations or FAIR methodology) and how to programmatically apply these models to software.
Bonus Qualifications
Experience building custom GRC (Governance, Risk, and Compliance) platforms.