Senior Principal Cybersecurity Analyst

The Senior Principal Cybersecurity Analyst is responsible for leading, supporting, and promoting the development, deployment, operation, monitoring, documentation, and oversight of cybersecurity controls and processes.

Essential Job Functions:


* Manages and communicates cybersecurity threats, risks, and state of controls to the Chief Information Security Officer (CISO) and stakeholders.


* Implements and operates security controls and automation across multiple cybersecurity subdomains.

Ensures security controls are well designed, effectively implemented, and aligned with organizational policies.

Designs and implements automated solutions for efficiently managing cybersecurity risk.


* Facilitates and supports security event and incident response activities.


* Defines, enforces, and promotes information security policies and related governance artifacts and processes.


* Ensures compliance with applicable regulatory and contractual requirements.


* Manages security vendor relationships; ensure vendors comply with contractual commitments.

Specific areas of knowledge or demonstrated capabilities applicable to this position may include the following:


* Threat hunting, detection, and response, potentially including the use of AI/ML techniques to detect and prioritize system-specific anomalous activity.


* Securing environments with substantial Amazon Web Services (AWS) dependencies


* SIEM technology, especially Splunk.


* NIST SP 800-series publications.


* Common information security vulnerabilities and attack patterns

Education/Experience Requirements:



* Bachelor’s degree in computer science, computer engineering, cybersecurity, or technical field preferred and a minimum of seven (7) years of professional experience in the design, operation, and monitoring of IT systems, with substantial emphasis on cybersecurity.


* Minimum of five (5) years’ experience in multiple cybersecurity domains appropriate to the job description, including designing, operating, monitoring, and assessing security controls for cloud-based systems such as AWS.


* Substantial experience using a variety of tools and resources to identify cyber security threats, vulnerabilities, configuration defects, and other deficiencies to determine root cause and identify remediation strategies and countermeasures.


* Understanding of common cybersecurity vulnerabilities and attack patterns and ability to explain how they are both exploited and countered.


* Must demonstrate intellectual curiosity and attention to detail, with strong verbal and written communication skills

Working Conditions:



* Hybrid work environment (Remote/Office)


* Occasional travel and extended hours may be required

For work that is performed in CA, CO, HI, MN, VT, IL, Jersey City, NJ, NY, NY, MD, Washington DC, and WA the chart below outlines the proposed salary range for the corresponding location.

In addition to location, a...