Principal Security Engineer

Title: Principal Security Engineer
Duration: Fulltime
Location: Hybrid in St. Paul, MN

Position Overview
The Principal Security Engineer serves as client's strategic security architect, responsible for developing and executing comprehensive security strategies with a primary focus on optimizing the Microsoft 365 E5 Advanced Security and Compliance platform. This role drives enterprise-wide security tool rationalization, roadmap development, and strategic planning, rather than focusing on day-to-day security operations. The position requires a Principal who has previously built security strategies and can translate business objectives into robust, scalable security architectures.

Strategic Responsibilities
Security Strategy & Architecture
Develop and execute comprehensive security strategies that align with business objectives and regulatory requirements
Lead enterprise-wide security tool rationalization initiatives to optimize the security technology portfolio for cost-effectiveness and operational efficiency
Create strategic security technology roadmaps spanning 3-5 years with clear milestones and success metrics
Design security frameworks and standards that scale across multi-cloud and hybrid environments
Drive continuous improvement initiatives to optimize the performance and cost-effectiveness of security investments
Microsoft 365 E5 Security & Compliance Leadership
Own the strategic roadmap for Microsoft 365 E5 Advanced Security and Compliance capabilities, including Purview Information Protection, Defender suite, Advanced Audit, and Insider Risk Management, Entra ID (PIM, Risk-Based Conditional Access, Advanced Security Reporting Analytics)
Conduct comprehensive assessments of current M365 E5 utilization and develop strategies to maximize platform value
Design governance frameworks for advanced compliance features, including eDiscovery, Data Lifecycle Management, and Communication Compliance
Establish strategic approaches to sensitivity labeling, data classification, and automated policy enforcement
Create integration strategies between M365 E5 capabilities and existing security infrastructure
Enterprise Architecture & Planning
Influence enterprise-wide security planning by identifying emerging technologies and assessing their strategic value to the organization
Translate complex business requirements into robust, security-first architectural designs for Azure and multi-cloud solutions
Champion the design and establishment of information security architecture standards while ensuring comprehensive documentation
Provide strategic security consultation for both internal systems and external partnerships

Technical Leadership
Multi-Cloud Security Architecture
Design detailed Azure security architectures leveraging compute, storage, networking, databases, and application services within a well-architected framework
Develop security strategies for multi-cloud environments, ensuring a consistent security posture across platforms

Strategic Problem Solving
Maintain expertise across multiple security domains to solve complex problems requiring high degrees of innovation
Provide escalated strategic guidance for Microsoft Security, Compliance, and Azure issues
Serve as primary liaison between functional teams and Microsoft for complex security architecture discussions
Stakeholder Engagement
Communicate complex security architectural concepts to C-level executives, business leaders, and technical teams
Build collaborative partnerships by providing specialized expertise on strategic security initiatives
Influence stakeholders across multiple business areas to drive optimal security solutions
Leverage business acumen to create solutions that mitigate risks while enabling strategic growth and innovation

Required Qualifications
Education & Experience
Bachelor's Degree in security, technology, engineering, or equivalent experience
7+ years of information technology and cybersecurity experience with demonstrated experience building security strategies (not just implementing them)
Proven track record of enterprise security tool rationalization and roadmap development for MSFT M365 E5 Suite
Azure cloud engineering experience with a focus on security architecture

Technical Expertise
Deep experience with Microsoft 365 E5 Advanced Security and Compliance suite
Comprehensive understanding of Azure cloud architecture principles, networking concepts, Data Platforms, and MS Fabric
Experience developing and executing security technology roadmaps for enterprise organizations

Strategic Capabilities
Proven experience translating business requirements into comprehensive security strategies
Demonstrated ability to lead security tool rationalization initiatives
Strong business acumen with ability to balance security, performance, and business objectives
Excellent communication skills for presenting to executive leadership and technical audiences

Preferred Qualifications
Master's Degree in security, technology, engineering, or related field
Experience leading security transformations in enterprise environments
Background in security consulting or strategic advisory roles

Required Certifications (Upon Hire Preferred)
Certified Cloud Security Professional (CCSP) - (ISC) , OR
Microsoft Certified: Azure Solutions Architect Expert