Info Security Engineer II (Remote Available)

US-IA-Des Moines | US-NM-Albuquerque | US-GA-Atlanta | US-TX-Austin | US-NC-Charlotte | US-OH-Columbus | US-TX-Dallas | US-CO-Denver | US-MO-Kansas City | US-WI-Madison | US-MN-Minneapolis | …

Job # 2022-34236

Responsibilities

As an Info Security Engineer in the Information Security and Risk Management department dedicated to the Service Center Business Unit Business Information Security Office team, you are accountable to promote, improve, and implement Principal’s security standards with an emphasis on SaaS and AWS Cloud solutions.

This is a superb opportunity for someone looking to weave software development Continuous Integration / Continuous Delivery and info security! In this role you will have the opportunity to evaluate architecture documents and recommend the best security practice flowing Security Framework recommendations and assist in the technical implementation of the security recommendations following through to a complete solution.

 

Here are a few examples of the kinds of things you will do:

  • Public speaking as you build and present professional reports to business unit peers’ leadership
  • Author security documentation and guidance to lead Principal information security standards implementation
  • Build and present training to engineers on best practices in engineering and architecture
  • Present a friendly face and well thought out solutions to engineers addressing security related integration needs
  • Design and integrate with software development teams to build security into CI/CD pipelines and software build practices
  • Actively consult in coding/programming with scrum teams using Java, Python, or other languages
  • Assist with secure credentials management using ServiceNow, SailPoint, HashiCorp, AWS KMS, or Azure AD federation
  • Facilitate architecture risk assessments based on NIST 800-53 and the Cyber Security Framework (CSF) by providing security expertise to a variety of audiences
  • Understanding of risk and impact in SaaS and Cloud security will improve the security posture of our various systems
  • Handle vendor and 3rd party risk by participating in Vendor Risk Assessments
  • Help maintain system security posture by supporting the Application Vulnerability Assessments (pen tests) and Vulnerability Management processes with Cloud access security broker (CASB) and Network Vulnerability Management (NVM) solutions
  • Deliver advanced data protection and privacy solutions to meet regulatory obligations such as GDPR, CPRA, HIPAA, NY DFS, and others
  • Ensure change management processes are documented and followed

Qualifications

We’re looking for someone with:

  • Bachelor’s degree (preference in a Computer Science, Cyber Security, Management Information Technology, or engineering-related field) or equivalent experience
  • Demonstrable experience as an IT professional working in an information security role, preferably in a regulated industry

Additional preferred technical experience:

  • Software development experience (this role will consult on Java, Python, PowerShell, BASH, dot Net and other languages)
  • Understanding of build chain in a web environment
  • Active security certifications such as CISP, CISM, CCSP, and AWS CCP
  • Strong cloud background focused on AWS
  • Must have the desire and ability to learn new technology and continuously grow

Salary Range Information

Salary ranges below reflect targeted base salaries. Non-sales positions have the opportunity to participate in a bonus program. Sales positions are eligible for sales incentives, and in some instances a bonus plan, whereby total compensation may far exceed base salary depending on individual performance. Actual compensation for all roles will be based upon geographic location, work experience, education, licensure requirements and/or skill level and will be finalized at the time of offer.

Salary Range

$58650 – $114000 / year

Additional Information

Job level

We’ll consider talent at the next level with the right experiences and skills.

Work Authorization/Sponsorship

At this time, we’re not considering candidates that need any type of immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States? This includes, but IS NOT LIMITED TO: F1-OPT, F1-CPT, H-1B, TN, L-1, J-1, etc. For additional information around work authorization needs please use the following links.

https://www.uscis.gov/working-in-the-united-states/temporary-nonimmigrant-workers and https://www.uscis.gov/green-card/green-card-eligibility/green-card-for-employment-based-immigrants

Investment Code of Ethics

For Principal Global Investors positions, you’ll need to follow an Investment Code of Ethics related to personal and business conduct as well as personal trading activities for you and members of your household. These same requirements may also apply to other positions across the organization.

Experience Principal

While our expertise spans the globe, we’re bound by one common purpose: to foster a world where financial security is accessible to all. And our success depends on the unique experiences, backgrounds, and talents of our employees – individually and all of us together. Explore our core valuesbenefits and why we’re an exceptional place to grow your career.

Principal is an Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

LinkedIn Remote Hashtag

#LI-Remote

More Information

Apply for this job

Leave your thoughts