Principal Cybersecurity Engineer | Nashville, TN, USA

Principal Cybersecurity Engineer

JOB TITLE: Principal Cybersecurity Engineer

FLSA STATUS: Exempt

DEPARTMENT: Technology

REPORTS TO: Director, Cybersecurity

SUPERVISORY RESPONSIBILITIES: No

JOB LOCATION: Remote

TRAVEL: Less than 10%

SUMMARY OF POSITION

As a Principal Cybersecurity Engineer, you will be responsible for shaping, executing and maturing our organization's cybersecurity strategy. This role requires an experienced cybersecurity professional with a deep understanding of security engineering, ITSM, cloud operations, and compliance. You will be on a dynamic team, driving the development and implementation of cybersecurity measures to protect our digital assets against evolving threats.

ESSENTIAL DUTIES & RESPONSIBILITIES

• Operational Leadership
• Implement and manage projects associated with a comprehensive cybersecurity strategy that is aligned with business objectives.
• Lead and mentor a small team of cybersecurity professionals, fostering a culture of continuous learning and improvement while ensuring the effective and efficient operation of security programs.
• Collaborate with technology leadership and engineering teams to integrate cybersecurity measures, risk management, and business continuity plans into cloud operations.
• Keep up with emerging cyber threats and technology trends to proactively adapt security strategies.
• Manage security tool budgets and vendor relationships.
• Define and report on key security metrics to leadership.
• Security Engineering & Advanced Security Operations
• Lead security engineering initiatives, including architecture reviews and secure design practices.
• Oversee penetration testing, vulnerability management, and adversary emulation activities to validate defenses.
• Direct anomaly and threat detection activities to proactively detect and neutralize advanced threats.
• Collaborate with infrastructure and cloud teams to embed security into core technology processes.
• Incident Response
• Manage alert escalations and execute the incident response plan as required, ensuring the organization is protected and can recover from cybersecurity incidents.
• Serve as escalation point for critical incidents, including after-hours response.
• Investigate and resolve incident response efforts, identify root causes and remediation actions to minimize the impact and reoccurrence of security incidents.
• Security Architecture
• Oversee the design and implementation of robust security architectures, including the detection/alerting ecosystem, endpoint security policies, and cloud-native automation.
• Evaluate and recommend security technologies, tools, and methodologies to enhance the organization's security posture.
• Regulatory Compliance
• Ensure compliance with relevant cybersecurity regulations and standards.
• Develop the cybersecurity governance strategy for efficient and sustainable compliance audit activities.
• Consult with legal and compliance teams to address cybersecurity-related regulatory requirements.

MINIMUM QUALIFICATIONS (EDUCATION AND EXPERIENCE):

• Bachelor's or advanced degree in Cybersecurity, Information Technology, or a closely related discipline.
• 8+ years of hands-on cybersecurity engineering experience, emphasizing cloud environments, incident detection/response, and network defense.
• Demonstrable mastery of cybersecurity frameworks, risk management processes, and regulatory compliance.
• Strong communication and leadership capabilities, including the ability to explain complex security topics to non-technical audiences.
• Track record of thriving in ambiguous settings through critical thinking, rapid adaptation, and commitment to ongoing learning.

PREFERRED QUALIFICATIONS (EDUCATION AND EXPERIENCE):

• Active security certifications (e.g., CISSP, CSSP, or equivalent)
• Technical certifications in cloud platforms (e.g., AWS, Azure, Microsoft 365)
• Hands-on experience with SDLC processes and supporting technologies
• Demonstrated expertise in deploying and securing AI-driven solutions

Not currently recruiting from California, Colorado, Connecticut, Maryland, Nevada, New Jersey, Ohio, Rhode Island, Washington, or New York

Equal Opportunity Employer

This employer is required to notify all applicants of their rights pursuant to federal employment laws.

For further information, please review the Know Your Rights notice from the Department of Labor.