US-IA-Des Moines | US-NM-Albuquerque | US-GA-Atlanta | US-TX-Austin | US-NC-Charlotte | US-OH-Columbus | US-TX-Dallas | US-CO-Denver | US-MO-Kansas City | US-WI-Madison | US-MN-Minneapolis | …
Job # 2022-34236
Responsibilities
As an Info Security Engineer in the Information Security and Risk Management department dedicated to the Service Center Business Unit Business Information Security Office team, you are accountable to promote, improve, and implement Principal’s security standards with an emphasis on SaaS and AWS Cloud solutions.
This is a superb opportunity for someone looking to weave software development Continuous Integration / Continuous Delivery and info security! In this role you will have the opportunity to evaluate architecture documents and recommend the best security practice flowing Security Framework recommendations and assist in the technical implementation of the security recommendations following through to a complete solution.
Here are a few examples of the kinds of things you will do:
- Public speaking as you build and present professional reports to business unit peers’ leadership
- Author security documentation and guidance to lead Principal information security standards implementation
- Build and present training to engineers on best practices in engineering and architecture
- Present a friendly face and well thought out solutions to engineers addressing security related integration needs
- Design and integrate with software development teams to build security into CI/CD pipelines and software build practices
- Actively consult in coding/programming with scrum teams using Java, Python, or other languages
- Assist with secure credentials management using ServiceNow, SailPoint, HashiCorp, AWS KMS, or Azure AD federation
- Facilitate architecture risk assessments based on NIST 800-53 and the Cyber Security Framework (CSF) by providing security expertise to a variety of audiences
- Understanding of risk and impact in SaaS and Cloud security will improve the security posture of our various systems
- Handle vendor and 3rd party risk by participating in Vendor Risk Assessments
- Help maintain system security posture by supporting the Application Vulnerability Assessments (pen tests) and Vulnerability Management processes with Cloud access security broker (CASB) and Network Vulnerability Management (NVM) solutions
- Deliver advanced data protection and privacy solutions to meet regulatory obligations such as GDPR, CPRA, HIPAA, NY DFS, and others
- Ensure change management processes are documented and followed
Qualifications
We’re looking for someone with:
- Bachelor’s degree (preference in a Computer Science, Cyber Security, Management Information Technology, or engineering-related field) or equivalent experience
- Demonstrable experience as an IT professional working in an information security role, preferably in a regulated industry
Additional preferred technical experience:
- Software development experience (this role will consult on Java, Python, PowerShell, BASH, dot Net and other languages)
- Understanding of build chain in a web environment
- Active security certifications such as CISP, CISM, CCSP, and AWS CCP
- Strong cloud background focused on AWS
- Must have the desire and ability to learn new technology and continuously grow
Salary Range Information
Salary Range
Additional Information
Job level
We’ll consider talent at the next level with the right experiences and skills.
Work Authorization/Sponsorship
At this time, we’re not considering candidates that need any type of immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States? This includes, but IS NOT LIMITED TO: F1-OPT, F1-CPT, H-1B, TN, L-1, J-1, etc. For additional information around work authorization needs please use the following links.
https://www.uscis.gov/working-in-the-united-states/temporary-nonimmigrant-workers and https://www.uscis.gov/green-card/green-card-eligibility/green-card-for-employment-based-immigrants
Investment Code of Ethics
For Principal Global Investors positions, you’ll need to follow an Investment Code of Ethics related to personal and business conduct as well as personal trading activities for you and members of your household. These same requirements may also apply to other positions across the organization.
Experience Principal
While our expertise spans the globe, we’re bound by one common purpose: to foster a world where financial security is accessible to all. And our success depends on the unique experiences, backgrounds, and talents of our employees – individually and all of us together. Explore our core values, benefits and why we’re an exceptional place to grow your career.
Principal is an Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
LinkedIn Remote Hashtag
More Information
- Salary Offer $58650 - $114000
- Address Des Moines, IA, USA
- Experience Level Junior
- Total Years Experience 0-5