Principal Security Engineer - Threat Management

Job Summary

Principal Security Engineers lead our Information Security team in handling a diverse set of security-related tasks and issues for the company, with a specialized focus on Threat Management. Principal Security Engineers will be tasked with identifying potential threats, assessing the risks they pose, and developing strategies to mitigate them. This includes applying and evolving security policies, engineering robust security controls to protect against threats, and recommending strategic modifications to corporate systems and production environments to preempt security breaches.

Activities include implementing advanced threat detection mechanisms, leading threat intelligence and analysis efforts, coordinating incident response and remediation activities, and developing and reporting key performance indicators specific to threat management. Principal Security Engineers are expected to engage in professional development and maintain up-to-date knowledge of the threat landscape, threat modeling, and predictive security analysis.

Responsibilities

Develop and manage a threat intelligence and threat management program that includes the collection, analysis, and dissemination of information on emerging threats. Lead the deployment and management of advanced intrusion detection systems, security information and event management (SIEM) systems, and orchestrate the company's threat response initiatives. Utilize expert knowledge in critical technologies such as servers, networking, operating systems, databases, CI/CD, and cloud services to identify system vulnerabilities and potential threat vectors. Design and implement proactive measures to mitigate identified threats, resolve vulnerabilities, and reduce the company's risk profile. Ensure that security documentation is continuously updated to reflect the current threat landscape and the measures in place to protect against it. Direct and manage threat-related projects, provide ad hoc threat management support, and ensure that solutions align with iCIMS's security standards and the evolving nature of threats.

Qualifications

5+ years of experience in an information security analyst/engineering role with a significant focus on threat management. Develop and manage a threat intelligence and threat management program that includes the collection, analysis, and dissemination of information on emerging threats. Lead the deployment and management of advanced intrusion detection systems, security information and event management (SIEM) systems, and orchestrate the company's threat response initiatives. Utilize expert knowledge in critical technologies such as servers, networking, operating systems, databases, CI/CD, and cloud services to identify system vulnerabilities and potential threat vectors. Design and implement proactive measures to mitigate identified threats, resolve vulnerabilities, and reduce the company's risk profile. Ensure that security documentation is continuously updated to reflect the current threat landscape and the measures in place to protect against it. Direct and manage threat-related projects, provide ad hoc threat management support, and ensure that solutions align with iCIMS's security standards and the evolving nature of threats.