Principal Security Engineer Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the principal security engineer job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

T Fadel

Terrell

Fadel

7565 Bobbie Brooks

Philadelphia

+1 (555) 547 8656

7565 Bobbie Brooks

Philadelphia

Phone

p +1 (555) 547 8656

Experience Experience

Los Angeles, CA

Principal Security Engineer

Los Angeles, CA

Bruen, Powlowski and Funk

Los Angeles, CA

Principal Security Engineer

Perform network security architecture and engineering through the design and development of network segmentation and network security tool stack
Performs deployment, development and maintenance of Intrusion Detection/Prevention Systems such as FireEye, and Cisco Sourcefire IDS/IPS
Perform Secure Code Development Training to developers and relevant staffs
Perform deployment, development and maintenance of Security Information and Event Management (SIEM) Systems such as QRadar and ArcSight
Assisting in IDS and IPS configuration and management
Providing consulting function to IIS leaders in addressing their IDM and Access Management posture
Assisting in SIEM configuration and management

Houston, TX

Principal, Security Engineer

Houston, TX

Fisher Group

Houston, TX

Principal, Security Engineer

This position provides opportunities to interact with very diverse areas within our company, and every technology we work with
Create and manage enterprise security standards, design patterns, and reference architectures
Participate in network and web architecture design reviews and provide security recommendations
Strong background in network and security and tools, including IDS/IPS, NAC, DLP, VPN, firewall audit, endpoint, anti-malware, database audit and monitoring
Clearly communicate results to decision-makers via summary reports or interactive data visualizations
Communicate with other departments in the company to ensure that security is championed throughout their process
Security applications utilized for logging, packet capture, email, directory services, web, authentication, remote access, and encryption

present

Boston, MA

Senior Principal Security Engineer

Boston, MA

Gutkowski, Steuber and Stanton

present

Boston, MA

Senior Principal Security Engineer

present

Build high level security design, development and testing strategy by closely working with architects, programmers, security engineers, system analysts
Applies Cyber Security Engineering and Network Security Engineering expertise to optimize NGA' enterprise protection posture
Be the Security Development Lifecycle (SDL) evangelist for EMC business units and work across EMC product groups as the subject matter expert on SDL
Collaborate with the SCAP community to build out XCCDF and OVAL files to provide automated scanning and hardening capabilities
Establish self as a subject matter expert on a specific product security domain across the company
Provides and participates in A&A support for projects and technical exchange meeting
Research and provide guidance and recommendations on Security tools that help product teams do better design, code analysis, testing, etc…

Education Education

Bachelor’s Degree in Computer Science

University of Virginia

Bachelor’s Degree in Computer Science

Skills Skills

Experience in building and testing highly scalable and high available network solution
Experience with Build Forge, RTC, TFS and Jenkins is highly desirable
Highly technical and comfortable with writing Powershell, and Python scripts as well as .NET
Possess a considerable working knowledge of current security concepts across multiple computing environments
Professional certification in IT security or network / systems administration is desirable (CISSP, GIAC, MCSE, others)
Strong understanding of security best practices and vulnerability assessment
Ability to work cooperatively and professionally with co-workers, customers and management
Experience with Fortify Upgrade is highly desirable
Experience with Hadoop Technology is highly desirable
Ability to write high-quality intelligence assessments and briefings for senior-level executives as well as technical staff

Create a Resume in Minutes

15 Principal Security Engineer resume templates

Read our complete resume writing guides

Principal Security Engineer Resume Examples & Samples

At least 10 Years’ experience in Information Technology
Working knowledge of Core Security Concepts
Working knowledge of Development Lifecycle Security Controls
3 years of hands on experience with Fortify (preferred) or any other source code scanning tool
5 years of experience in Application Development/Application Builds
2 years of experience in Application Security Vulnerability Remediation
Experience with development of Security Requirements and Threat Modeling
Experience using Fortify SCA (Static Code Analyzer), AWB (Audit Work Bench), SSC (Software Security Center), CSC (Cloud Scan Controller) and Fortify IDE Plugins
Experience with Fortify Build Integration
Experience with ANT, NANT, Maven, Visual Studio Builds
Experience with Build Forge, RTC, TFS and Jenkins is highly desirable
Understanding of SSL and digital certificates
Experience with Fortify Upgrade is highly desirable
Experience with Hadoop Technology is highly desirable

Principal Security Engineer Resume Examples & Samples

Manage and maintain Comcast compliance tool platforms
Serve as a key contributor to assist company-wide efforts designed to achieve Comcast's compliance objectives
Play a key role in working with product vendor for proper tool functioning and ensure product related issues are addressed in a timely manner
Integrate compliance tools with other IT systems for process automation that leads to reduction in manual efforts thereby saving time and money
Mentor other team members in using compliance tools
Generally requires 10+ years of Information Security experience
Work collaboratively across multi-disciplinary teams throughout the company as a security expert to identifying potential risks and implement remediating controls
Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary
Demonstrate strong organizational and time management skills
Manage relationship with vendor for product support and quick resolution of issues that require escalation
Comcast is an Affirmative Action/EEO employer M/F/D/V

Principal Security Engineer Resume Examples & Samples

Ensure industry standard security practices and established company controls are followed in support of all systems within SaaS environment
Assisting in Access provisioning, de-provisioning, and monitoring
Assisting in SIEM configuration and management
Assisting in IDS and IPS configuration and management
Support of Key & Certificate Management initiatives
Identify control gaps and recommended remediation and improvements
Adhere to PCI, NIST, ISO standards and have active involvement in process enhancement and development
Participate in designing security solutions across the enterprise
Participate in security assessments response and remediation work
Monitoring, responding, and providing solutions to security alerts
Update and maintain assigned information security documentation
Provide detailed reporting on current state of controls as directed

Principal Security Engineer Resume Examples & Samples

Working knowledge of software development tools (debugger's, emulators, compilers, etc)
Ability to read schematics and debug analog and digital hardware
Able to use oscilloscope and logic analyzer for troubleshooting
Working knowledge of software development processes
Working knowledge of embedded operating systems
Analyze customer/internal requirements and specifications and translate these into software designs
Develop high quality software code based on designs
Perform extensive unit and system level testing to insure that all requirements are met and the highest software quality is achieved
Analyze existing embedded software to add features, make modifications, fix bus, and/or port to different platforms
Participates in internal and customer driven design reviews throughout program
Coordinates software development activities with software team leader
Identifies product requirement or performance issues. Works with software team leader to negotiate resolution
Communicate with peers inside the Harman group to coordinate software development. This includes occasional travel for training or coordination with other groups
Manages small projects and technical resources, including planning, estimating and follow through
Manages large projects and technical resources, including planning, estimating, and developing requirements in compliance with the established software development process
Works with the customer to further define requirements and to resolve issues
Solves problems with highly effective solutions. Provides technical and philosophical guidance to others. Challenges existing paradigms resulting in large quantifiable improvements
Applies intensive and diversified knowledge of engineering principles and practices in broad areas of assignments and related fields
May direct the work of a team of engineers
Bachelors Degree in Electrical/Computer Engineering or equivalent
6+ years of hard core embedded software development
6+ years of C/C++ or other structured language
Experience developing and debugging software in a real-time, embedded, multiprocessor, multi-interface environment
Willing to learn
Master's degree in Electrical Engineering, Computer Science or equivalent
Informal training in embedded and network security
Previous experience with embedded or network security
Experience with applied cryptography, cybersecurity
Strong OS experience with QNX, Embedded Linux, and/or Android
Assertive
Exemplary verbal and written communication skills

Principal Security Engineer Resume Examples & Samples

Bachelor’s Degree in Computer Science, Computer Engineering or related field, or 10+ years relevant work experience
10+ years of experience in vulnerability testing and auditing
10+ years of application security experience
10+ years of experience and involvement with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role)
Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
Development experience in C, C++ and/or Java and scripting skills (e.g., PERL, shell scripting)
Master’s/PhD degree in Computer Science or equivalent
15+ years of security engineering experience
Experience with service-oriented architecture and web services security

Principal Security Engineer Resume Examples & Samples

Experience with all-source intelligence analysis researching data from multiple intelligence sources and databases and analyzing findings
Knowledge of computer networking and Internet technology with a technical orientation
Ability to write high-quality intelligence assessments and briefings for senior-level executives as well as technical staff
Foundational understanding tactics used by APT, Cyber Crime and other associated threat group
Practical experience with security incident response
Advanced understanding of network communications (TCP/IP networks, HTTP basics)
Experience with the Cyber Kill Chain framework
Experience with Security Intelligence or Intelligence Analysis

Principal Security Engineer Resume Examples & Samples

Active Directory group/user administration
Troubleshooting background
Active Directory account management for UNIX
UnBoundID administration
LDAP Queries
Oracle, DB2, and/or SQL Server
Experience reviewing baseline settings
End user and/or administration experience with Quest Change Auditor

Principal Security Engineer Resume Examples & Samples

At least 10 years of enterprise level infrastructure or application experience
At least 9 years of system, network and/or application security experience
Expert experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
Scripting skills (e.g., Perl, Python, shell scripting)
Deep knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
Knowledge of techniques for authentication, authorization and use of cryptographic systems
Knowledge of platform level hardening

Principal Security Engineer Resume Examples & Samples

Participate in architecture and design reviews with senior development/DevOps staffs
Define and design security code analysis tools and framework
Conduct white box security testing to assess and validate application security
Define, maintain and enforce application security best practices
Monitor and track progress of found vulnerabilities and maintain the history
Explain and demonstrate vulnerabilities to application/system owners, and provide recommendations for mitigation
Issue reports on assigned application and system scans
Perform Secure Code Development Training to developers and relevant staffs
Recruit security champions within the development teams
Bachelor’s degree in an Information Technology related field of study or equivalent experience
3+ years of experience in application security
3+ years of experience in application development
Experience with HTML, Javascript, and Visual Studio along with a solid understanding of HTTP protocol
Basic knowledge of SQL and prior experience with programming in one or more server-side technologies such as ASP.Net and Java etc
Experience with application security code review practices and methods, such as OWASP Top Ten
Knowledge of distributed and cloud-based infrastructures/software and how they affect security needs
Excellent problem solving and analytical skills; outstanding oral and written communication skills
Self-motivation and the ability to work under minimal supervision are a must
Experience conducting secure code development training
Experience using Agile software development and project management
Experience using vulnerability assessment tools/platforms such as Nessus, Qualys, GFI, Cigital, Veracode, etc
Web-application security, Linux system security
Knowledge of cryptographic tools or security APIs
Understanding of malware such as worms, virus, Trojans, etc

Principal Security Engineer Resume Examples & Samples

You’ll effectively advocate for security engineering within the CPE team by teaching sound security engineering practices, which may include producing code samples and test methods; reviewing test plans and code analysis metrics of our teams; designing and implementing connections between vulnerability scan results and corrective actions
You’ll deploy and operate best-of-class tools to detect security threats and incidents; respond to detected threats by driving the quick mitigation of such issues by the larger engineering team; work with security experts within Symantec to characterize and propagate knowledge of these threats to our product teams and customer base
You’ll work with operations and development staff to strike a sound business balance in our security policies between agility, productivity and convenience on one hand, and the confidentiality, integrity and availability of customer data on the other
Periodically you will evaluate the effectiveness of our security controls through penetration testing and other forms of threat modeling, log analysis, incident Pareto charts and other methods
Passionate about data security with a strong desire to learn more from the industry’s leading experts about hybrid cloud security issues, cryptography, threat modeling, penetration testing, and secure software development
Recent experience securing production workloads in public clouds (AWS, Google, Azure, other)
Recent experience implementing federated IAM (e.g., RBAC, SSO, SAML, Shibboleth, Kerberos) with deep understanding of authz/authn problems and solutions
Professional experience developing applications using mainstream OO technologies (C++ or Java)
BSEE or equivalent, or equivalent practical experience

Principal Security Engineer Resume Examples & Samples

Provide expertise and understanding of the Corporate Identity Management landscape working with leadership to design, engineer and expand the IDM service footprint
Develop the appropriate technical and leadership skills to perform strategy, solution architecture, project management tasks, technical design and analysis in the delivery of these services
Build, test and rollout of the enterprise IDM and Access Management solutions in collaboration with internal and external resources
Serve as a subject matter expert to the business stakeholders and understand their core business processes, business priorities which can be enhanced using IDM solutions
Provide technical Engineering and vision for customers' application platforms
Ability to support negotiations on scope of work as well as manage work with outside vendors / integrators. This includes SOW, MSA, NDA's, along with full financial tracking and defining business benefits
Review IDM and Access Management solution design working with Managed Partner services: ensure innovation, security, and business requirements are met, while also keeping a keen eye on improving the associate's experience with technology
Partner with other internal or supplier teams as needed (e.g. architecture, information security, network)
Collaborate cross-functionally with other technology teams and security policy organization
Define an enterprise IDM Engineering strategy, with a roadmap of key deliverables and timelines, and deliver consistently
Mentor other members of the team on IDM best practices
Maintain up-to-date knowledge by researching new technologies and software products, participating in educational opportunities and conferences, and reading professional publications
Foundational knowledge of Identity Management technologies such asSailPoint, PingID, CA Minder Suite, Oracle Identity suite
Experience with roadmap ownership, use case creation, strategy development, KPI development, and customer relationship management
Significant experience working with large tier security vendors leading RFI/RFP's and contributing to industry standards and working groups
Developing, operating and supporting high quality technology products & services for IAM portfolio
Working in active partnership with stakeholders (Office of the Global CISO, IIS Security Strategy and Architecture teams, IIS Policy and Compliance Organizations, Network Engineering Organization, and the Business) to understand often unique business requirements and articulating, and building support around a long term vision surrounding the benefit of identity management and access controls
Demonstrating leadership in achieving shared objectives in a matrix organization together the ability to work effectively on cross-functional teams
Ensuring that operational and incident trends and observations are considered with regard to the evolution of the company's enterprise security architecture capabilities
Communicating and working through conceptual design (CCD-HLD) and (SLD) system level design to design in compensating controls, increase visibility/telemetry and IR capabilities
Designing and evaluating platforms and structure for integrating diverse security toolsets and technologies
Providing consulting function to IIS leaders in addressing their IDM and Access Management posture
Promoting a consistent risk vocabulary for application risk and controls and aligning that vocabulary with related compliance and business risk disciplines within the organization
Developing metrics that demonstrate current technology implementation roadmaps, indicators of progress, and alignment across IIS teams for those activities
Supporting other senior leaders in Information Risk Management in leveraging those metrics as part of the overarching risk and operational dashboard
Formally and informally responding to customer and regulatory requests with regard to application security services, mechanisms and safeguards (this includes regular communications with regulatory, privacy and legal stakeholders and active participation in both internal and external audit activities)
Working under extreme pressure and tight deadlines in a calm and collaborative fashion leading from the front
5+ years of experience leading IDM Engineering teams and building Access Management Platforms and Solutions
5+ years of leadership and mentoring experience in hands-on and rolling up your sleeves management
10+ years of experience managing and providing technical leadership for complex enterprise security projects/programs for a large enterprise organization
5+ years of experience with Identity Management technologies and implementations
Specific experience managing projects / programs from concept through implementation (supporting oversight processes) using a structured project management methodology across the entire project life cycle yet not a project manager per se
Industry-specific certifications including one or more of the following: C|CISO, CISSP, CISA, CISM, ISSACA

Senior Principal Security Engineer Resume Examples & Samples

The position calls for expertise in the cybersecurity field
Knowledge of cyber issues and understanding latest tools, technologies and attack methodologies in order to assess the state of ETRADE’s cybersecurity and identify gaps, vulnerabilities and propose solutions are at the forefront of skills required
Must be familiar with developing and using metrics to drive decisions that positively influence budgeting and operating environment
Ability to quickly adapt to and learn unfamiliar technologies, and the discipline to follow process in a regulated financial environment are requirements
This position provides opportunities to interact with very diverse areas within our company, and every technology within the Company and teamwork is a must
Communicate issues and recommendations to senior decision makers within the Company in a clear and concise fashion. Verbal and written skills are an important part of this position

Principal, Security Engineer Resume Examples & Samples

The position calls for using a diverse set of technical and security skills and interests, the ability to quickly adapt to and learn unfamiliar technologies, and the discipline to follow process in a regulated financial environment
A motivated, innovative, problem-solving engineering outlook is highly desirable
Responsible for maintaining security programs, evaluating vendors to fulfill security needs, onboard vendor applications, develop in house niche security capabilities and participate in evaluation of the Company’s cybersecurity posture
This position provides opportunities to interact with very diverse areas within our company, and every technology we work with
Clearly communicate results to decision-makers via summary reports or interactive data visualizations
A minimum 7 years in security or associated field and 7 or more years working with the following
Strong background in network and security and tools, including IDS/IPS, NAC, DLP, VPN, firewall audit, endpoint, anti-malware, database audit and monitoring
Security applications utilized for logging, packet capture, email, directory services, web, authentication, remote access, and encryption
Experience in IT security technologies, policies, and procedures
Demonstrated ability and willingness to work within a team, and to coordinate effectively with other teams to solve problems or guide complex projects through to completion and launch

Principal Security Engineer Resume Examples & Samples

Computer science/related degree, or equivalent experience
8 years of security and related experience
Experience with large scale enterprise or service provider environments
Deep knowledge of the threats enterprises are facing in today's world
Experience using large amounts of data to drive security detection and response, using commercial or open source solutions
Experience with a wide array of technologies such as: Linux, Windows, vulnerability management solutions, network security tools (IPS/IDS), virtualization, cloud security and the ability to learn new systems rapidly
Ability to multi-task under strict deadlines
Experience using open source security solutions, or even better, contributing to some of them
Being very effective at scripting in one language or another
Experience speaking at information security conferences
You participated in CTFs before. This is not a role that will focus primarily on offense, but any offensive skill is useful to designing effective defenses

Principal Security Engineer Resume Examples & Samples

Prepare through RedTeam, BlueTeam, and other real-world simulations
Protect GoDaddy infrastructure by containing and eradicating adversaries through
Real time monitoring, detection and analysis of potential intrusions
Document and learn from security incidents to provide recommendations and awareness to the organization
Collaborate with GoDaddy teams to continue to improve our security posture and be upstanding citizens within the security community
Support and respect each other while passionately working together to realize our vision
Instill security concepts in cross-departmental architecture reviews as well as other strategic technical and product discussions
Evangelize security best practices
Diamond Model of Intrusion Analysis
Correlate and analyze observables from security events within the network
Perform memory analysis with Volatility or Rekall
Incident Response Lifecycle
Agile methodologies
Conduct forensic analysis for security events

Principal Security Engineer Resume Examples & Samples

Contribute to system and architectural designs, from server to device, providing security input
Perform risk analysis, as well as vulnerability and security assessments
Write and develop high assurance software in C and assembly
Participate in code reviews, testing and architectural planning of new products
To contribute to project planning of new features, design and implementation
To mentor and coach others in security best practices
Provide support to both internal and external customers
Participate in standards meetings
To keep pace with the fast moving fields of cryptography and software security
Outstanding programming ability in C, C++ and scripting
Strong understanding of security best practices and vulnerability assessment
Experience in design and implementation of cryptographic systems, including cryptographic primitives
Active interest in security, cryptography, and a strong understanding of modern development techniques for providing high assurance software
Deep understanding of system wide security issues, from device to cloud
Excellent understanding of networking protocols, TCP/IP and SSL/TLS
Pro-active and self motivated
Willingness to be flexible and accept new challenges
Experience of low-level development work, preferably on embedded devices
Experience in working with an open source community
Familiar with agile software development and its principles
Experience in development of cryptographic libraries
Understanding of modern security and cryptographic standards
Experience in an assembly language, preferably ARM
Experience of open source development methods and practices, and use of git

Principal Security Engineer Resume Examples & Samples

The Principal Security Engineer must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from both an offensive and defender’s perspective
The Principal Security Engineer must be an adaptable, pragmatic, and positive professional, who is comfortable in delivering clear and concise information at both a technical and managerial level
Assess technological business initiatives to identify the threat landscape and security requirements, create technical documentation and solution overviews, and provide guidance on risk mitigation strategies for identified threats and vulnerabilities. Work effectively with other Information Security teams and outsourcing providers to ensure technology security solutions are in alignment with organizational strategic requirements
Create and publish security technology white papers or position papers and create security configuration checklists (e.g., hardening or lockdown guides) for technology platforms and solutions (e.g., operating systems, databases, firewalls, etc.)
Operate as a security ambassador to the larger organization by keeping management team and relative peers informed of the latest security trends and threats, driving the security technology pipeline and strategy for the team, and presenting internally and externally on security technologies and solutions
Provide security consulting services internally to the engineering organization by giving guidance and functioning as an information security SME
Act in a mentoring or coaching capacity for team members and further technical skills through certifications and continual self-learning
10+ years of experience in one or more of the following information security domains: identity and access management, cryptography, data loss prevention (DLP), cloud, enterprise mobile security, endpoint security, incident response, network and perimeter security, or web and mobile application security
10+ years IT Security Engineering, Architecture, or Operations experience working in an enterprise infrastructure environment
5+ years of experience security solution engineering or security architecture
Must possess working knowledge of various industry security standards and frameworks including: PCI DSS, ISO 27001, ISF Standard of Good Practice (SoGP), NIST Special Publications, etc
Teamwork and communication skills, both written and verbal
Bachelor’s degree in Computer Science, Information Systems, or related field; 15+ years of equivalent work experience required in lieu of BA/BS degree is acceptable
Experience implementing and assessing risks using Threat Modeling frameworks such as STRIDE, DREAD, or Cyber Kill Chain
Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification strongly preferred

Principal Security Engineer Resume Examples & Samples

To take responsibility for delivery of a functional area or feature of the product
To participate in or lead code reviews, testing and architectural planning of the product, and sign off on their quality
To contribute to project planning of new features
To help provide support to both internal and external customers
To stay up to date in an ever changing and fast moving field
You are a strong programmer, with several years of experience in C and/or C++, and familiar with the common security issues in using C
Experience with the ARM architecture — ARMv6-M/ARMv7-M and/or Cortex-A —and with assembly programming (ARM, x86)
You have an active interest in security, including software, networking and/or hardware
Experience of technical or team leadership and full lifecycle development
Experienced in open source development methods and practices, and use of git
Several years of experience with low-level development work, preferably on embedded devices
Penetration testing of embedded systems, and an understanding of common vulnerabilities and their exploitation
Experience with Public Key Infrastructures

Principal Security Engineer Resume Examples & Samples

Experience coding in Java or Python
Interest in working with colleagues to understand our products and improve our existing security infrastructure
Published research on application security

Principal Security Engineer Resume Examples & Samples

Support Staples’ private key infrastructure including internal CA and RKM
Work with the PKI and other teams to help resolve issues relating to certificates
Identify, document and update certificate processes
A Bachelor of Science degree in Computer Science, or related field, or equivalent experience
PKI or other security related industry certification
1+ year Venafi experience

Principal Security Engineer Resume Examples & Samples

Participate in On-Call incident response
Conduct security reviews of products and services used or developed by HERE
Guide and create guiding material to support R&D and Ops teams in HERE to ensure secure development, deployment and maintenance practices across the organization
Develop and maintain internal tools to be used for security related task automation
Coordinate and participate in auditing/penetration testing activities
Coordinate and participate in tests and pilots of security products to be utilized by HERE
5+ years of experience in securing IT systems and infrastructure
Understanding of modern attack vectors and mitigation steps in modern internet environments
Knowledge of modern technologies and approaches to detection of malicious activities
Understanding of digital forensics activities such as evidence collection and malicious activity analysis, ability to perform said activities
Understanding security principles, best practice architectures, tools and processes
Experience in configuring, administering and hardening Linux environments
Ability to communicate security objectives both in spoken and written word to a variety of audiences; from non-technical business executives, through to Ph.D. educated security experts
Understanding of operations of a variety of database engines, including Oracle and MySQL
Experience in development and deployment of applications using Tomcat, JBoss, Jetty and Glassfish
Experience with a broad range of web technologies and standards
Ability to strategize and conduct penetration testing and security assessments for Web Applications – including REST/SOAP APIs and platform assessments
Knowledge of network architecture, standards and protocols
Ability to take business cases, drivers and priorities and integrate these requirements into overall security design
Ability to work in multi-cultural environments and internationally distributed teams

Principal Security Engineer Resume Examples & Samples

Extensive knowledge of IT security capabilities, covering current and emerging technologies
Strong grasp of the value of IT investment in terms of costs, benefits and strategic value
Proven ability to identify and reduce redundancies among existing and proposed IT efforts
Ability to bring together overall security architecture
Must be technology-agnostic
Proven ability to negotiate with internal and external partners
Full-stack knowledge of IT infrastructure, including but not limited to, applications, databases, operating systems — Windows, Unix and Linux, hypervisors, IP networks — WAN and LAN, storage networks, and backup networks and media
Familiarity with the principles of cryptography and cryptanalysis
Experience in application technology security testing (white box, black box and code review)
Experience in system technology security testing (vulnerability scanning and penetration testing)
Ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed with security control technologies and processes
Demonstrated proficiency in technical security procedures and standards
Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and NIST
Strong analytical skills to analyze security requirements and relate them to appropriate security controls
Bachelor’s degree and a minimum of 8 years experience required

Principal Security Engineer Resume Examples & Samples

Design, implementation and administration of new and existing CA SSO and related infrastructure
Design, implementation and administration of new CA Identity Minder and related infrastructure
Design, implementation and administration of new UnboundID LDAP and related infrastructure
Develop and configure integration methodologies and practices for complex use cases with extensive customization
Work with various teams involved with different aspects/phases of the application lifecycle
Provide CA SSO/IDM/LDAP SME (subject matter expert) level support to operations teams for both development and production environment. This will include occasional after-hours for escalated production issues
Design and develop provisioning and de-provisioning processes / workflows for accounts across various internal and external systems / expose TEWS functionality
Work with Operations to deploy, automate and integrate new technologies into the current environments
Work with Architecture, Development, and Business teams to identify CA SSO and IDM functionality that can be enabled and integrated to improve security or performance

Principal Security Engineer Resume Examples & Samples

Responsible for providing high level technical leadership focused on complex information security architecture
Performs security research, analysis, and design for all client computing systems and the network infrastructure
Responsible for managing security alerts, events, and security incidents, including forensic analysis
Develops, implements, and documents formal security programs and policies throughout the organization and monitors compliance to these policies and programs
Leads the technical aspects of internal security audits and investigations
Represents the organization’s technical security interests with partners, suppliers, industry associations, and government entities to ensure the bi-directional flow of technical information and best practices in the area of information security
Manages and maintains a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues
Monitors trends in information technology and security that could have an impact on the security of the organization’s products, processes, infrastructure, or customers
Responsible for the technical direction, leadership, and training of less experienced staff

Principal Security Engineer Resume Examples & Samples

Provide technical leadership for the design, deployment and operation of global IT Security management software and hardware devices including, but not limited to: AntiVirus defense, Intrusion Detection, encryption systems, authentication and access control systems, network scanning and vulnerability assessment, etc
Serve as incident leader on IT Security incident response teams. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents
Manage IT security assessments or audits of internal networks and systems. Document findings in written reports with recommendations for remediation
Lead the development and documentation of an overall IT Security architecture to assure confidentiality, integrity and availability of company IT assets
Maintain awareness of new and emerging cyber attack threats with potential to harm company systems and networks
Lead the development and maintenance of IT security measurement and reporting systems to aid in monitoring effectiveness of IT Security programs
Lead the development, revision, and maintenance of Standard Operating Procedures and Working Instructions related to IT Security
Possess detailed technical knowledge of Windows and Unix server system administration and network management and administration technologies, including routers, firewalls, switching technology and TCP/IP protocol management
Possess a considerable working knowledge of current security concepts across multiple computing environments
Possess excellent organizational, written and verbal communication, and technical skills
Bachelor’s Degree in computer science or related IT field; or equivalent combination of education, training and experience
7 years IT security administration, Unix, NT including 4 years IT security management / engineering experience or network systems administrator with security experience
Professional certification in IT security or network / systems administration is desirable (CISSP, GIAC, MCSE, others)

Principal Security Engineer Resume Examples & Samples

Perform deployment, development and maintenance of Security Information and Event Management (SIEM) Systems such as QRadar and ArcSight
Create, modify, update IDS/IPS and Security Information Management (SIEM) tool rules
Experience with Vulnerability Scanning systems such as Nexpose and Nessus vulnerability scanners
Perform network security architecture and engineering through the design and development of network segmentation and network security tool stack
Responsible for managing and maintaining FireEye Security Tool suite (NTAP, EX, NX, HX devices)
Experience in management and maintenance Next Generation Firewalls such as Cisco NGFW, Checkpoint, Palo Alto, Juniper firewalls, etc
Experience in deployment, management and maintenance of web proxies such as Blue Coat Proxy, Cisco Web Proxy, McAfee Web Gateway, etc
5+ years of Enterprise Architecture experience

Principal Security Engineer Resume Examples & Samples

Eight or more year of experience in information security
Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
Extensive knowledge of IT environment including service-oriented and IT architecture, industry trends and direction, system and technology integration, and IT standards, procedures and policies, and emerging technologies
Extensive knowledge of software licensing, product and vendor evaluation, technical troubleshooting, and software processing improvement
Working knowledge of IT audit and control, governance, asset management, change control, training delivery, and technical writing/documentation
Extensive knowledge of information security technologies and administration
Working knowledge of IT architecture, audits, network and internet security, information assurance, and computer crime

Principal Security Engineer Resume Examples & Samples

Vulnerability Management – Identification and management of vulnerabilities in commercial, open source and custom software
Threat Management – Identification and management of threat and breach detection systems which include the capturing of data for further forensic analysis and anomaly detection
Penetration Testing – Ability to exploit vulnerabilities by conducting regular penetration tests on TripAdvisor and its Business Units
Interact with Governance, Risk and Compliance groups as required to help prioritize risk and assess compliance status
Operate across the entire lifecycle of a platform from infrastructure build through to deployment and operational support, with attend to functional and non-functional requirements, including performance, scalability and security
Build integration and automation on data feeds from AV, IDS, SIEM, and FIM devices. Initiate automated remediation actions and further research controls and countermeasures where required
Understand new and emerging threats, vulnerabilities, and exploits that can affect TripAdvisor’s information resources confidentiality, integrity and availability
5 years of systems and application design, including the operational trade-offs of various designs
DevOps and scripting skills a must. Capability to program in at least one language (other than Bash), ideally Python or Perl, but Ruby, C/C++, Java work as well
Demonstrable knowledge of TCP/IP, HTTP, web application security, and experience supporting multi- tier web application architectures
Must be adaptable and able to focus on the simplest, most efficient & reliable solutions
Track record of successful practical problem solving, excellent written and interpersonal communication, and documentation skills
Experience with configuration management tools such as Puppet, Chef, Salt, or Ansible
Very strong infrastructure and web service automation skills are essential
Experience of enterprise governance, risk and compliance programs (PCI-DSS, MA CMR, SOX) a plus
Experience in performing vulnerability assessments and penetration testing (Network, Client, Web App, Wireless and Social Engineering)
Understanding of exploitation techniques for various vulnerabilities
Understanding of security principles, best practices, tools and processes
Strong knowledge of operating system security concepts as well as Linux, Windows and Mac OS in particular
Advise other teams on secure design of their systems
Perform security assessments for newly acquired businesses
Familiarity with cryptography including PKI, TLS, and key management
Manage large amounts of threat and vulnerability data and create integrations
BS in Computer Science or equivalent field
Relevant certifications (CISSP, GIAC, ISSAP, CISM or PCIP)

Principal Security Engineer Resume Examples & Samples

Provide hands-on subject matter expertise to build and implement data security solutions
Research, evaluate, architect, and deploy new tools, frameworks, and patterns to build scalable cloud services
Design and implement complex highly scalable data security, DLP and anti-malware solutions
Interface with Engineers and Product Managers to understand feature requirements
Participate in the scrum team under our agile development process utilizing principles such as test-driven-development
Work with DevOps team to implement failover and highly available solution in production environments
10+ years of hands-on large-scale software development
Must have development and/or architecture experience in enterprise security and network environment, DLP, Anti-Malware etc
Knowledge of cloud solutions (Amazon Web Services, Oracle Cloud, Office 365, Salesforce, Box, and Google GSuite) with hands-on experience in direct API integration
Experience in building and testing highly scalable and high available network solution
Experience using Data Loss Prevention products (Symantec DLP, McAfee DLP, Digital Guardian, RSA, etc.)
Define policy/rules for the cloud DLP solution and recommend rule changes based on cloud security trends
Develop incident response remediation workflow for DLP alerts and incidents
Hands-on experience in developing software in C/C++, Java, Python, No-SQL database, gdb, IDE, Regular expression and Unix/Linux environment

Senior / Principal Security Engineer Resume Examples & Samples

Defines security configurations for endpoint, network, e-mail security, etc
Designs automated workflows to streamline security operations
Excellent written and oral communication skills and the ability to express themselves verbally in a clear and concise manner

Principal Security Engineer Resume Examples & Samples

Engaging business and technology stakeholders at all levels to gather long term goals & requirements
Utilizing and applying security technology at an enterprise and solution level
Transitioning technology from a local focus to a central technology service organization
Working in a complex, matrix organization; and
Understands the functions applied in the support of and integration with key business and strategic priorities
Contributes new intellectual capital through deep expertise in a subject matter area and/or technical domain within this function
Translate pillar strategy by leading and/or managing others and performing work with significant independence
Influences both internally and externally through building and leading a large team or complex project, or multiple teams or projects, within the sub-pillar team
Builds and maintain complex programs while supervising teams to execute against overall strategy; and,
Performs Security Engineering tasks with autonomy

Senior Principal Security Engineer Resume Examples & Samples

Lead and mentor product teams in performing Security activities such as Threat modeling, Security Testing and risk assessment. Be able to apply these practices to individual products and solutions. Specific experience in building security in Cloud and Web applications is required
Understand prevalent security vulnerabilities such as authentication bypass, command injection and cross-site request forgery, their impact, and their efficient remediation
Be the Security Development Lifecycle (SDL) evangelist for EMC business units and work across EMC product groups as the subject matter expert on SDL
Work and collaborate with other members of the DELL EMC Product Security office to develop tools and services for the rollout of secure software development at DELL EMC
Research and provide guidance and recommendations on Security tools that help product teams do better design, code analysis, testing, etc…
Help product teams harden their systems, at the OS level, employing techniques such as configuring SSH, and password complexity. Experience with STIG/SRGs is a plus
Establish self as a subject matter expert on a specific product security domain across the company
Independently represent product security programs, their relevance and expectations to senior product engineering staff
Act as the DELL EMC representative to collaborate with other industry experts on product security domain of expertise to represent and solidify DELL EMC's thought leadership in the domain. Represent Dell EMC in security conferences on various security topics
Build high level security design, development and testing strategy by closely working with architects, programmers, security engineers, system analysts
Have a deep understanding and hands on experience of secure product development, secure design and engineering practices like threat modeling, secure design principles, secure coding, code analysis, security testing, code signing etc. with proven success in providing consultative guidance to enterprise scale product teams in improving their security posture
Specific experience in building security in Cloud and Web applications is required
Ability to articulate business impact of software security problems translating them into worst case scenarios that drive business justification
Ability to conceptualize and self-initiate solutions to complex problems, identify business impact of these solutions
Working experience with security tools
Well-developed understanding of the business and competitive environment
Ability to lead people, projects, or operations; fosters teamwork and collaboration across organizations and geographies
Well-developed negotiation, influence and presentation skills, for technical and non-technical audiences
Readily adapts to the complexities of global business and fosters global processes, strategies and goals
Industry certifications: GIAC, CISA and/or CISSP, CSSLP preferred