Principal Security Engineer

November 26

Apply Now

Receive Emails with Similar Jobs

Empower

WebsiteLinkedInAll Job Openings

Finance • Fintech • B2C

Empower is a leading provider of financial services focused on helping individuals and organizations achieve financial freedom through retirement planning and investment management. Serving over 19 million Americans, Empower offers a comprehensive suite of finance-related services, including smart planning and investment advice, and tools like the Empower Personal Dashboard™ for a complete financial view. The company is renowned as a top retirement plan provider and works closely with personal investors, workplace plan savers, plan sponsors, and financial professionals. Empower is also recognized for initiatives in Diversity, Equity, Inclusion, and has a social commitment that bolsters community impact.

10,000+ employees

💸 Finance

💳 Fintech

👥 B2C

📋 Description

• Lead major cybersecurity incidents from detection through containment, eradication, recovery, and post-incident review; including participating in on-call rotation • Serve as the top escalation point for complex, high-severity incidents, ensuring rapid and effective resolution • Develop, maintain, and optimize incident response playbooks, runbooks, and escalation procedures • Oversee enterprise-wide monitoring of networks, cloud, and endpoints for threats, vulnerabilities, and anomalous activity • Advance detection capabilities using EDR, SIEM, and behavioral analytics aligned with MITRE ATT&CK • Act as subject matter expert on EDR and SIEM • Design and implement automation frameworks (Python, PowerShell, AWS Lambda) to streamline response workflows and reduce manual effort • Integrate AI/ML models into security monitoring and response processes for enhanced detection accuracy and prioritization • Conduct forensic investigations and threat hunting to identify root causes and emerging threat patterns • Collaborate cross-functionally with infrastructure, application, and network teams to enforce secure configurations and compliance • Mentor and guide incident response analysts, fostering technical growth and operational excellence • Communicate effectively with executives and technical teams during and after incidents, producing clear reports and recommendations • Drive continuous improvement in detection, response, and prevention strategies to strengthen enterprise security posture

🎯 Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field • Must have CISSP Certification (Current and active) • 6+ years of experience in the realms of enterprise cybersecurity at scale • 5+ years of experience with EDR, SIEM, email and network security • 3+ years of experience with cloud environment security, scripting/coding • Extensive knowledge of the incident response process and lifecycle, ability to contribute to policy and procedure • Ability to respond to security alerts/incidents and drive the process start to finish • Ability to use generative AI in day-to-day operations as a force multiplier • Strong technical written and verbal communication skills, ability to document and present details on incidents • Strong analytic skills, able to analyze security incidents for root cause, resolution, lessons learned, and improvements • Excellent communication and leadership skills, with the ability to influence across technical and executive teams

🏖️ Benefits

• Medical, dental, vision and life insurance • Retirement savings – 401(k) plan with generous company matching contributions (up to 6%) • Tuition reimbursement up to $5,250/year • Business-casual environment that includes the option to wear jeans • Generous paid time off upon hire – including a paid time off program plus ten paid company holidays and three floating holidays each calendar year • Paid volunteer time — 16 hours per calendar year • Leave of absence programs – including paid parental leave, paid short- and long-term disability, and Family and Medical Leave (FMLA) • Business Resource Groups (BRGs) – BRGs facilitate inclusion and collaboration across our business internally and throughout the communities where we live, work and play. BRGs are open to all.