Why Carbon Black?
At Carbon Black, you’ll have the chance to make an impact in the ever-evolving cybersecurity space. Our advanced technology tackles even the toughest challenges and stays ahead of the latest threats.
If you want to join a growing company filled with people who are passionate about beating the world’s nastiest adversaries, Carbon Black is the place for you. We’ve been named a “Top Place to Work” by the Boston Globe for three consecutive years because our teams are the best at keeping the world safe. Join us!
Why You Matter
The Principal Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks.
Additionally, the Principal Security Engineer leads the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures.
If you enjoy analyzing system services, operating systems, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity. The Principal Engineer is a key leader of an enterprise-level team of cyber security specialists. The role requires hands-on technical assessment of the cyber threat landscape in terms of its potential impact on Carbon Black and recommending strategic, mitigating actions and developing solutions.
What You’ll Do:
- Develops, manages, and consults on the technical architecture and strategies for enterprise Cyber Security controls.
- Leads in the development Cyber Security standards, specifications, procedures & practices.
- Provides Info security architecture & systems engineering consulting to other IT and business teams.
- Leads and influences multi-disciplinary teams in implementing and operating Cyber Security controls.
- Reviews projects and provides security standards to the technology, prescribing appropriate protection configurations that will balance business requirements with enterprise technology standards to arrive at the optimal solution.
- Investigates leading technologies in the marketplace and make assessments regarding relevance to security related technology solutions and maintains effective relationships with key technology vendors and industry professionals.
- Mentor junior members of the team and participates in development of team goals & objectives.
- Participate in incident handling
- Automate security controls, data and processes to provide better metrics and operational support
- Stay current on emerging security threats, vulnerabilities and controls.
- Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers.
- Contribute to development of company-wide security strategy.
- Conducts forensic investigations for HR, Legal, or incident response related activities.
- Develops new detective and investigative capabilities using current technical solutions.
- Grows cyber intelligence capabilities and networks.
- Performs data analysis and threat research/hunting activities
- Partners with business and technology operations groups to maintain the Cyber Security threat monitoring infrastructure and tools including but not limited to perimeter controls, intrusion detection / protection devices, vulnerability scanning tools, security event correlation tools, content surveillance and filtering devices, and so on.
- Responsible for identifying continuous security capability improvements that will help protect our computing environments.
What You’ll Bring:
- Bachelor’s degree in related business or technical areas, or an equivalency of education and work experience.
- Minimum of 10 years of IT Security and/or security engineering experience
- Experience in designing and implementing standards, specifications and procedures.
- Proven project management experience, including developing project plans, schedules and budgets
- Extensive knowledge of industry accepted information security best practices, standards, and policies
- Demonstrated ability to take initiative and accountability for achieving results
- Experience as a team leader operating in a critical role that greatly impacts team success.
- Strong interpersonal, oral, and written communication skills
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Experience with the application of threat modeling or other risk identification techniques
- Skilled in discussing complex security issues in understandable business terms.
- Experience with enforcing security policies and standards with business owners leading by influence.
- Very detailed knowledge of system security vulnerabilities and remediation techniques
- Security certification desired (e.g., CISSP, GIAC, CEH, etc)
- Critical Analysis: Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions.
Who We Are:
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.
Carbon Black, Inc. is an EEO/AA employer. Carbon Black is an inclusive employer that believes in workplace equality, supports diversity, creates a welcoming environment, and respects the unique qualities each individual brings to the company.