Principal, Cyber Security Engineer at Northern Trust

Chicago, Illinois, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Financial ServicesIndustries

Requirements

Minimum of 3 years working in public cloud as an engineer or developer role
Minimum of 5 years working as an Engineer, Developer, or Architect in Information Technology preferably Cyber Security
Software Developer Experience (Python, GOLang, Java, etc.…) is a plus
Strong understanding of cloud security principles and the integration of security into development workflows
Experience and familiarity with at least 2-3 Cloud service provider security services of Azure (e.g., Defender for Cloud, Sentinel, Key Vault) and AWS (e.g., Config, CloudTrail, Macie, etc.)
Strong hands-on experience codifying PaC (e.g., Rego) and using IaC provision tools (e.g., Terraform, ARM)
Familiarity with Git-based version control CICD processes and technologies (e.g., GitHub Actions, GitHub Package Repository)
Experience and familiarity with privileged access management and identity systems (e.g., Azure Entra, Okta, Ping) is a plus
Hands-on experience with integrated testing tools
Effective written and verbal communication skills to collaborate with cross-functional teams
Desired certifications such as Azure Security Engineer Associate certification, and AWS-certified security – Specialty, CISSP and CCSP

Responsibilities

Design, implement and support security measures for cloud platforms (3rd Party, Open Source, native), with a specific emphasis on Azure and AWS
Develop PaC and IaC maintaining security policies and procedures aligned with industry-standard frameworks such as CIS and NIST 800-53
Utilize and Implement CSPM tools such as Wiz and Defender to continuously assess, monitor, and enforce security controls
Work closely with security champions in various business units, providing guidance and support for their specific security needs
Contribute to cloud security roadmap to further enhance cloud security practices
Conduct regular security assessments, audits, and reviews of cloud configurations
Investigate and respond to security incidents, conducting root cause analysis and implementing corrective actions
Mentor junior team members

Skills

Key technologies and capabilities for this role

AzureAWSWizDefenderPolicy as CodeInfrastructure as CodeCSPMCISNIST 800-53Cloud Security

Questions & Answers

Common questions about this position

What experience levels are required for this Principal Cyber Security Engineer role?

A minimum of 3 years working in public cloud as an engineer or developer and 5 years as an Engineer, Developer, or Architect in Information Technology, preferably Cyber Security, is required.

What key technical skills are needed for this position?

Strong hands-on experience with codifying PaC (e.g., Rego) and IaC tools like Terraform and ARM, familiarity with CSPM tools such as Wiz and Defender, and experience with cloud security services in Azure and AWS are essential. Software development in Python, GoLang, or Java is a plus, along with Git-based CI/CD processes.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

What does the team structure or culture look like for this role?

The role involves working closely with security champions in various business units and mentoring junior team members as a technical leader.