Principal Security Engineer

We are seeking a talented and experienced Principal Security Engineer to join our team. In this role, you will play a critical role in enhancing our information security posture and protecting our sensitive data and infrastructure. As a key member of the Information Security team, you will collaborate closely with internal stakeholders, external partners, and vendors to identify security risks, implement robust security solutions, and ensure compliance with industry regulations and best practices.

Design, develop, and deploy security mechanisms to protect against adversarial attacks, data breaches, and other security vulnerabilities

Conduct Threat Modeling, Design Reviews and Security Testing

Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns

Partner with Digital technology teams to orchestrate/automate security controls in the Stanley1913 infrastructure and platforms

Lead the vulnerability management lifecycle at the infrastructure, platform, and application levels

Participate in investigations, threat hunting, and incident response activities

Assist with compliance activities, such as SOC2 control implementation and testing, vendor risk assessments, etc.

Develop and implement technical security standards and guidelines to ensure compliance with regulatory requirements and industry best practices.

Collaborate with cross-functional teams to integrate security controls into business processes and IT systems and provide security guidance and recommendations across stanley1913 teams.

Stay abreast of emerging threats, vulnerabilities, and security technologies, and provide guidance and recommendations for enhancing the firm's security posture.

Bachelor s degree in computer science, Information Security, or related field; or relevant work experience

Proven experience in information security engineering, with a focus on designing, implementing, and managing security controls and solutions in a corporate environment.

Strong technical skills in areas such as network security, SASE, endpoint security, cloud security, identity and access management and encryption.

Experience with security frameworks and standards (e.g., NIST Cybersecurity Framework, ISO 27001/27002, SOC 2), regulatory compliance requirements (e.g., GDPR, PCI DSS), and industry best practices.

Excellent analytical and problem-solving skills, with the ability to analyze complex security issues, prioritize tasks, and develop effective solutions.

Strong communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders and collaborate with cross-functional teams.

Ability to work independently and collaboratively in a fast-paced, dynamic environment, and manage multiple projects and priorities simultaneously.

Willing and able to travel to branch offices as needed