Job Title: Principal Security Engineer
Location: Remote / Hybrid (Plano, TX)
Vital Tech Solutions is Premier Enterprise Technology Consulting and Workforce Management Solutions Provider to the OEM, Manufacturing, Aerospace, Health Care, Finance and Government industries with offices in the Metro Detroit area. Since its inception, Vital Tech Solutions has been on the forefront of Technology & Human Capital Asset Creativity by providing our customers with flexible Technical Consulting and Talent Management Acquisitions to support their various organizational needs.
Vital Tech Solutions is looking for a highly motivated and outgoing Principal Security Engineer on behalf of one of our Fortune 500 Customers in the Plano, TX region. As part of PSIRT (Product Security Incident Response Team), this role will handle and respond to security incidents related to its products or services. The main purpose of this role is to identify, assess, prioritize, and respond to vulnerabilities or threats that may impact the security of the organization's offerings. This role will help in building effective PSIRT to ensure greater product quality and fewer security patching updates, these outcomes not only keep costs down, they also help the brand by avoiding the appearance of being lax about a product's security.
Key Responsibilities:
- Provide Technical Leadership: Serve as the primary technical lead for investigating vulnerabilities and security incidents across various domains, including Vehicle, Application, and Back End systems
- Guidance and Strategy: Provide expert technical guidance and contribute to the formulation of effective investigation strategies to swiftly identify and address security threats
- Product & Incident Reporting & Support: Collaborate closely with the Incident Reporting Team to investigate and track identified security vulnerabilities using the VVM Jira tool, thereby facilitating continuous improvement of the organization's security posture
- Stakeholder Coordination: Liaise with stakeholders to assess vulnerabilities and recommend appropriate remediation or mitigation measures, ensuring timely and effective risk reduction
- Remediation & Mitigation Tracking: Monitor the progress of remediation and mitigation efforts using the VVM Jira System Security Monitoring Tool, maintaining close communication with Product Leads and Scrum Teams to ensure alignment and swift resolution of security issues
- Ad-hoc Technical Support: Provide on-demand technical expertise and support for various PCG services and programs as needed, leveraging a deep understanding of product security principles and best practices
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related technical field; or equivalent practical experience
- 10+ years of Engineering experience in cybersecurity, incident response, vulnerability management, or related fields within the OEM industry
- Proven expertise in conducting technical investigations into security incidents and vulnerabilities across diverse OEM environments such as Vehicle, Application, and Back End systems
- Strong familiarity with industry-specific tools and methodologies for vulnerability management and incident response within the OEM sector
- Excellent communication skills with the ability to effectively convey technical information to diverse audiences and collaborate with cross-functional teams within an OEM context
- Demonstrated ability to provide technical leadership, guidance, and mentorship to junior team members within an OEM setting
- Experience working with issue tracking and project management tools such as Jira for tracking vulnerabilities and remediation efforts, preferably within an OEM environment
- Ability to adapt to fast-paced OEM environments and prioritize tasks effectively to meet OEM-specific deadlines and requirements
- Willingness to travel up to 15% of the time, with a minimum expectations of 2 days per month and 1 week per semi quarter for on-site engagements and collaboration within the OEM industry
Preferred Qualifications:
- BS or Master's degree in Computer Science, Information Security, or a related technical field
- Industry certifications such as CISSP, CISM, CEH, or equivalent
- Experience with cybersecurity incident response frameworks such as NIST CSF, ISO 27035, or similar
- Familiarity with Agile development methodologies and Scrum practices
- Prior experience in automotive cybersecurity or related industries
- Knowledge of scripting languages such as Python, PowerShell, or Bash for automation and tool development
Vital Tech Solutions is an Equal Opportunity Affirmative Action employer. We prohibit discrimination in decisions concerning recruitment, hiring, compensation, benefits promotions, training, termination or any other condition of employment or career development. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, veteran status, disability status or any other legally protected status.