Overview: In a defense industry setting, the Principal Security Engineer is a senior-level expert responsible for safeguarding sensitive systems and data against cyber threats. They design, implement, and maintain advanced security architectures while ensuring compliance with strict government security standards. This role requires deep technical cybersecurity expertise, strategic thinking, and leadership skills to guide teams and influence the program security posture. This senior position in the program requires U.S. citizenship and an active security clearance due to the sensitive nature.
Key Responsibilities
- Security Architecture & Strategy: Design and implement comprehensive cybersecurity strategies and architectures for defense systems, ensuring robust protection of networks and data. Identify and document system security requirements and develop solutions to meet or exceed those requirements.
- Risk Assessment & Mitigation: Conduct regular security risk assessments and threat analyses to identify vulnerabilities in systems. Develop and deploy mitigation strategies and countermeasures to address identified risks and continuously evaluate emerging threats to keep defenses up to date.
- Security Operations & Monitoring: Oversee the configuration, maintenance, and continuous monitoring of security infrastructure (e.g., firewalls, intrusion detection systems, SIEM tools) to detect and respond to security incidents in real time. Lead incident response planning and coordinate effective response to any security breaches or violations.
- Compliance & Documentation: Ensure all systems and projects comply with defense industry security standards and regulations (such as NIST SP 800-53, NIST 800-160, Risk Management Framework, and DoD STIGs). Maintain required security documentation and accreditation materials (e.g., System Security Plans, risk assessment reports) to support authority to operate and other compliance requirements.
- Cross-Functional Collaboration: Work closely with cross-functional teams (systems engineering, software development, IT, and project management) to integrate security requirements into all phases of system development and operations. Provide expert guidance on security best practices during design, implementation, and deployment of defense systems.
- Leadership & Mentorship: Lead security initiatives and projects, ensuring they are delivered on schedule and within scope. Mentor and guide junior security engineers and team members, fostering a culture of security awareness and continuous improvement. Communicate security issues and strategies to senior leadership and stakeholders in clear, actionable terms.
Qualifications and Required Experience
- Education: Bachelor’s degree in computer science, Cybersecurity, Systems Engineering, or a related field. Strong foundational knowledge of information security principles and practices is assumed.
- Experience: Extensive experience in security engineering or related field – typically 8-10+ years in progressively senior roles. Proven track record of securing complex systems, preferably in defense or highly regulated environments.
- Technical Expertise: In-depth knowledge of cybersecurity domains including network and system security, secure software development, encryption protocols, and vulnerability management. Hands-on experience designing and evaluating security architectures for complex systems and implementing enterprise security.
- Standards & Frameworks: Familiarity with U.S. defense and federal security standards and frameworks, such as NIST Special Publications (800-53, 800-160) and the Risk Management Framework (RMF) process. Experience developing or assessing Security Authorization artifacts in accordance with government requirements (e.g., NIST SP 800-37 RMF accreditation packages) is highly valued.
- Certifications: Relevant security certifications are preferred, for example CISSP or CISM for general cybersecurity management. DoD 8140 IAM/IAT or IASAE Level II/III certifications (e.g., CISSP-ISSEP, ISSAP) are a strong plus, as they demonstrate knowledge required for securing defense systems.
- Security Clearance: U.S. citizenship is required. Active Secret security clearance (or eligibility to obtain one) is required due to the sensitive nature of defense projects.
- Soft Skills: Excellent leadership and project management skills, with the ability to lead cross-functional security projects from concept to completion. Strong communication skills are essential – able to explain complex security concepts to non-technical stakeholders and to train staff on security best practices. A proactive mindset, attention to detail, and the highest ethical standards are expected for this role.
Basic Qualifications:
- U.S. Citizenship Required
Red River offers a competitive salary, excellent benefits, and an exceptional work environment. You can review our benefit offerings here. If you are ready to join a growing company, please submit your resume and cover letter (optional).
EOE M/F/DISABLED/Vet
Red River is an equal opportunity employer. All qualified applicants will receive consideration for employment. Discrimination or harassment based upon any protected characteristics as defined by state or federal law is wholly inconsistent with our company values and will not be tolerated.
#J-18808-Ljbffr