Principal Security Engineer

FTAI Aviation

$130K — $180K *
New York, NY 10025In-Person
Information Technology
5 - 7 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • 7+ years of IT and cybersecurity experience, with 3+ years specifically in a senior security role
  • Expertise in implementing technical controls and developing associated policies
  • Experience in securing multi-site public and regulated environments like SOX and FINRA
  • Proficient in NIST CSF, ISO 27001, and CIS frameworks with a focus on audit readiness
  • Strong knowledge of cloud security (especially Azure/AWS) and network security measures
  • Hands-on experience with SIEM tools and endpoint protection, plus scripting skills

Responsibilities

  • Drive the technical cybersecurity strategy and roadmap, reporting risks to leadership
  • Design, configure, and maintain security controls across various environments
  • Develop and align security policies with recognized frameworks and regulatory standards
  • Manage and tune the security stack, creating detection rules and alerts
  • Lead incident response efforts and oversee vulnerability and patch management
  • Coordinate third-party/vendor risk programs with internal audit and legal teams
  • Collaborate with managed service providers to maintain in-house decision-making
  • Enhance identity infrastructure and run security awareness programs

Benefits

  • Opportunity to shape cybersecurity strategy in a regulated environment
  • Hands-on role with significant technical implementation responsibilities
  • Collaboration with various departments including IT and Legal
  • Exposure to working with external audits and regulatory requirements
  • Comprehensive involvement in incident response and risk management
  • Focus on maturing policies and technical controls against industry frameworks
Full Job Description
JOB OVERVIEW

We are seeking a Principal Security Engineer to lead the security program for a public, multi-site organization in a regulated environment. This is a hands-on individual-contributor role that both implements technical controls and drives the policies behind them. Partnering with the MSP, vCISO, IT, and Legal, you will set technical direction and execute it-tuning controls, maturing policy, and aligning the program to recognized frameworks and regulatory requirements

Responsibilities:

  • Drive the technical cybersecurity strategy and roadmap; report security posture and material risk to senior leadership
  • Design, configure, and maintain hands-on controls across network, endpoint, identity, and cloud (firewall rules, segmentation, VPNs, IDS/IPS, EDR, MFA)
  • Develop and maintain security policies aligned to NIST CSF, ISO 27001, and CIS and to regulatory requirements, ensuring controls actually enforce them
  • Manage and tune the security stack (SIEM, EDR, email security); build detection rules, alerts, and dashboards
  • Lead incident response end to end and drive risk-based vulnerability and patch management to closure across infrastructure, endpoints, and cloud
  • Own the controls framework and third-party/vendor risk program, coordinating with internal audit/GRC and the legal team
  • Collaborate with MSP and vCISO (managing scope, SLAs, escalation) while keeping core decisions in-house
  • Harden identity infrastructure (AD/Entra ID) and run the security awareness program across sites


Qualifications:

  • 7+ years across IT and cybersecurity, including a hands-on technical foundation and 3+ years driving a security program as a senior individual contributor
  • Proven ability to both implement technical controls and author the policies and governance behind them
  • Experience securing a public and/or regulated, multi-site environment (e.g., SOX, FINRA, FAA), including audit and control ownership
  • Command of NIST CSF, ISO 27001, CIS, and SOX/ITGC, with experience owning control evidence through external audits
  • Strong cloud (Azure and/or AWS) and enterprise network security-firewalls, VPNs, segmentation, and IDS/IPS
  • Hands-on with SIEM (e.g., Microsoft Sentinel) and endpoint protection (e.g., SentinelOne), plus scripting (PowerShell and/or Python) and identity hardening (AD/Entra ID)
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at FTAI Aviation

More Information Technology Jobs

Find similar Principal Security Engineer jobs:

NationwideNew York, NY