Principal Security Engineer

You Will: 

• Take charge of incident response efforts for system and network security events.
• Iteratively plan, prioritize, and monitor security measures to safeguard data, systems, and networks.
• Analyze security event logs, application & network data, and develop analytics to bolster our information security risk posture.
• Regularly assess IT security levels and ensure production environment hardening.
• Ensure data and infrastructure protection through the promotion of appropriate security controls.
• Passively test and identify network and system vulnerabilities, staying ahead of threats.
• Evaluate architectural changes for security implications and contribute cybersecurity expertise in architecture reviews for Array's API platform.

You Have:

• Over 12 years of work experience in incident detection, incident response, and forensics.
• Programming proficiency in at least one language like: Go, Python, Java, or Node.
• Experience with GitLab DevSecOps features.
• Strong grasp of NIST standards and OWASP protocols.
• Experience with Firewalls, IDS/IPS, Security, VSX, and endpoint security.
• Awareness of new cybersecurity trends, hacking/exploitation techniques, and interest in securing cloud environments.
• Hands on experience with cloud security, Google Cloud Platform security, and monitoring.
• Experience securing APIs and hosted infrastructure from cyber exploitation and attack.
• Knowledge of security across multi-vendor platforms.
• Experience with ethical hacking.
• Preferred certifications such as: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP).