The IT Operations – Principal Corporate IT Security Engineer is responsible for creating and maintaining the corporate IT information security tooling and infrastructure. Working within a results-oriented, service-delivery team, this individual collaborates with various IT disciplines. The role involves root cause analysis, vulnerability remediation, automation tool development, and active participation in technical discussions.

　　In this role you will...

　　Partner with Information Security team on roadmap alignment with the company’s security vision and organizational strategy.

　　Lead in the design, planning, and implementation of information security solutions for corporate IT.

　　Assist in planning and execution of identity management and security roadmaps and technology enhancements.

　　Define and communicate plans, procedures, policies, and standards for acquiring, implementing, and operating new security systems, equipment, software, and technologies.

　　Ensure TSR compliance of new software and system integrations with security requirements.

　　Collaborate with IT Information Security, Business Technology Leadership, Enterprise Risk Management, and Compliance to ensure adherence to information security and privacy policies.

　　Educate stakeholders within IT Operations team on effective core and cloud security solutions and best practices.

　　Act as an SME on Cloud (AWS, Azure, O365) and core systems/IT Applications/security processes.

　　You Have What It Takes If You Have...

　　BS Degree in Computer Science, Computer Engineering, or equivalent.

　　10+ years’ experience in Cyber Security, infrastructure architecture, and IT operations.

　　3-5 years’ experience in Cyber Security.

　　Strong experience automating manual tasks using scripting and application development.

　　Strong hands on experience with enterprise security controls and security best practices for Windows, Linux and Mac systems

　　Strong experience with cloud security services, concepts, and best practices

　　Familiarity with software development lifecycle (SDLC) processes and source control technologies

　　Experience developing security architectures and frameworks (i.e. TLS, Zero-Trust)

　　Deep understanding of security principles in network, systems, cloud technologies, application development.

　　Hands-on experience in Secure Cloud architecture, Vulnerability Management, Network Security, Endpoint Security,

　　Advanced Threat Detection, Identity Management, Data Governance, and SEIM/SOAR.

　　Strong understanding of network and endpoint security tools and how they integrate into the SIEM and provide a cohesive view of network incidents and security.

　　Strong understanding of current cyber security threats and attack vectors

　　Advanced professional security-related certification (e.g. CISM, CISSP, etc.) is preferred.

　　Strong understanding of data, digital and automation impact for cyber solutions with focus on the future Zero Trust Architectures and Approaches

　　Experience with GAP assessments, penetration testing, and cost-benefit analysis and/or corporate risk assessments.

　　Demonstrated understanding of information security policies, standards, industry best practices, and frameworks (e.g. ISO, ITIL, and NIST 800-53).

　　Extensive knowledge with modern security tools across Office 365 (e.g. Defender, Exchange), EDR/XDR (e.g. Crowdstrike), Patch and Endpoint Management (e.g. Jamf and Intune), Vulnerability Management, AWS, Log Aggregation, SIEM, and Phishing

　　Hands on Experience with Microsoft 365 security features, Intune, MS Purview, and Zero Trust principles

　　Experience (Okta preferred) implementing simple to complex SSO integrations leveraging modern protocols and legacy header based architectures

　　Strong experience in data security practices and procedures, including systems analysis, authentication technologies, and access controls

　　Experience with OKTA Workflows and Rules

　　Experience with OKTA Lifecycle Management

　　Experience with OKTA API.

　　#LI-OnSite

　　Equal Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, color, gender, age, sexual orientation, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at [email protected]