Cloud Security | Operational Technology | Identity Security | and more
Principal Security Consultant
Location
New Jersey + 4 moreAll locations: New Jersey | New York | Maryland | Massachusetts | Pennsylvania
Posted
12 days ago
Salary
$145K - $193.7K / year
Seniority
Lead
Job Description
Principal Security Consultant
Tenable
• The Principal Consultant, acting as a technical advisor, is tasked with developing, mentoring, and training the Professional Services team, including overseeing their onboarding and maintaining up to date expertise on service offerings. • This role supports Delivery Management and Resource Management in achieving delivery Theatre objectives and revenue targets, while also handling client escalations by liaising between the delivery team and other Tenable functions. • Additionally, the Principal Consultant focuses on advancing Tenable Subk partners through training and certification onboarding and seeks opportunities to enhance the Professional Services structure through training tutorials and the creation of new methodologies. • This role also includes some client billable work, shared with the responsibilities outlined.
Job Requirements
- 12+ years of experience in the Information Technology/Cyber Security field and professional services experience.
- Bachelor’s degree in a related technical field such as Information Technology, Computer Science, or equivalent work experience.
- Outstanding written and verbal communication skills. Must be comfortable leading 3+ hour calls and keeping up the progression of tasks on the call while assuring that all relevant topics are addressed.
- Strong analytical skills and troubleshooting skills, with the ability to diagnose and resolve complex security issues.
- Expert level ability to diagnose, resolve and anticipate complex security issues and risks with ability to lead resolution across various client environments.
- Proficiency in assessing and identifying threats and risks related to Exposure Management, including vulnerabilities and weaknesses in host or network configurations.
- Recent in-depth experience performing vulnerability scans, configuration audits, and security monitoring with core Tenable products, or other industry solutions.
- Familiarity with Red Teaming, penetration assessments, and security testing tools such Metasploit and Burp Suite.
- Experience with application security testing, OWASP and common exploitable web application threats in the context of Exposure Management.
- Deep understanding of Auditing and Configuration frameworks such as ISO 17799, CIS, PCI, GLBA and HIPAA preferred.
- Broad understanding and experience of cyber security principles including vulnerability management, defense in-depth, least-privilege, data protection, regulation and common security controls.
- Proven experience managing client expectations, building relationships and delivering consultative advice to ensure successful outcomes.
- Proven consulting abilities with a focus on assessing and advising customers with their Exposure Management strategy.
- Experience of designing and implementing security solutions and platforms.
- Deep understanding of networking, virtualization, Linux/Unix and Windows administration, patch deployment and system configuration. While this is not a purely technical role, having a technical foundation will be necessary for long-term success.
- Understanding of wireless LAN protocols and various WLAN vulnerabilities and attacks.
- Understanding of common control systems such as firewalls, blacklists, ACLs, and common network monitoring tools such as IDS/IPS.
- Deep understanding of Patch Management, IPAM, ITSM, CMDB, and SIEM solutions as they relate to Exposure Management.
- Experience of using programming and scripting tools such as Python or Powershell for automation and API driven tasks.
- Experience of cloud services, common cloud infrastructure, CSPM, CIEM, IaC, containerization, and all the potential risks associated with cloud-based and hybrid environments.
- Experience of Microsoft Active Directory environments, including common risks, threats and security.
- Familiarity with SCADA and OT systems is a plus for managing exposure in these environments.
- Current security certifications such as CISSP, CISA, CISM, OSCP or equivalent experience.
- This position is US-based only (US NorthEast area preferably).
Benefits
- medical, dental, vision, disability and life insurance
- 401(k) retirement savings with company match
- an employee stock purchase plan
- an employee referral program
- flexible spending accounts
- an Employee Assistance Program (EAP)
- education assistance
- parental leave
- paid time off (PTO)
- company-paid holidays
- health and wellness events
- community programs
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Defining and owning the security architecture spanning Kubernetes infrastructure, inference runtimes, control plane APIs, and model lifecycle pipelines • Establishing threat models, security standards, and hardening guidelines across all platform teams and ensuring consistent adoption through reviews and automated enforcement • Leading security design reviews for critical systems including model serving environments, multi-tenant isolation, authentication and authorization frameworks, and data handling pipelines • Driving AI-specific security initiatives including defense against prompt injection, model extraction, adversarial inputs, data poisoning, and model supply chain attacks • Owning compliance readiness for regulatory frameworks (FedRAMP, SOC 2, GDPR), and emerging AI governance standards, partnering with legal and compliance teams • Developing and maturing the platform's security incident response capabilities including detection, investigation, and remediation playbooks for both traditional and AI-specific threats • Collaborating with Akamai's broader security organization to align inference platform security practices with enterprise standards and share learnings across product lines
Role Description En PROCESIA buscamos incorporar varios profesionales en Consultoría Técnica especializados en gestión de identidades y ciberseguridad para participar en proyectos tecnológicos donde el reto no es mantener las luces encendidas, sino construir plataformas robustas, seguras y bien diseñadas desde el principio: Sí, hablamos de OpenIAM. Buscamos personas técnicas, sí. Pero también personas con criterio, curiosidad y ganas de construir cosas bien hechas. Las que preguntan ¿y si lo hacemos mejor? en lugar de ¿siempre se hizo así?. Buscamos personas que disfruten analizando, diseñando, implementando y evolucionando soluciones tecnológicas complejas. Gente cómoda tanto entendiendo arquitectura como entrando al detalle técnico cuando toca: - Titulación universitaria en Ingeniería o Formación Profesional técnica equivalente reconocida en España. - Mínimo 4 años de experiencia en proyectos TI. - Al menos 2 años trabajando en proyectos de consultoría de ciberseguridad relacionados con plataformas IAM. - Experiencia práctica con OpenIAM. - Capacidad de análisis técnico, diseño y resolución de incidencias complejas. - Conocimiento de entornos de identidad, accesos y operación de soluciones de seguridad. Y si además has participado en proyectos para la Administración de Justicia o en fases de arquitectura y diseño tendrás mucho terreno ganado. ¿Cuál será tu día a día? - Participarás en proyectos donde la identidad digital es crítica, colaborando con equipos especializados y trabajando sobre soluciones que requieren análisis, precisión técnica y visión de conjunto: - Analizar requisitos técnicos y funcionales relacionados con IAM y ciberseguridad. - Diseñar e implementar soluciones sobre plataformas OpenIAM. - Participar en tareas de desarrollo, configuración y operación técnica. - Colaborar en arquitecturas de identidad y gestión de accesos. - Resolver incidencias complejas y optimizar procesos existentes. - Documentar soluciones y participar en la mejora continua del servicio. - Trabajar junto a equipos multidisciplinares en proyectos de alta relevancia tecnológica. Traducido: habrá retos técnicos interesantes, decisiones importantes y alguna reunión que podría haber sido un email. Somos honestos. Qualifications - Titulación universitaria en Ingeniería o Formación Profesional técnica equivalente reconocida en España. - Mínimo 4 años de experiencia en proyectos TI. - Al menos 2 años trabajando en proyectos de consultoría de ciberseguridad relacionados con plataformas IAM. - Experiencia práctica con OpenIAM. - Capacidad de análisis técnico, diseño y resolución de incidencias complejas. - Conocimiento de entornos de identidad, accesos y operación de soluciones de seguridad. Requirements - Participar en proyectos donde la identidad digital es crítica. - Colaborar con equipos especializados. - Analizar requisitos técnicos y funcionales relacionados con IAM y ciberseguridad. - Diseñar e implementar soluciones sobre plataformas OpenIAM. - Participar en tareas de desarrollo, configuración y operación técnica. - Colaborar en arquitecturas de identidad y gestión de accesos. - Resolver incidencias complejas y optimizar procesos existentes. - Documentar soluciones y participar en la mejora continua del servicio. - Trabajar junto a equipos multidisciplinares en proyectos de alta relevancia tecnológica. Benefits - Contrato indefinido desde el inicio. - Proyecto estable, sólido y con visión a largo plazo. - Modalidad remota y flexibilidad horaria real. - Jornada intensiva todos los viernes y durante el verano. - Formación continua, certificaciones y clases de inglés. - Participación en proyectos estratégicos de ciberseguridad e identidad digital. - Plan de carrera adaptado a tu evolución técnica y profesional. - Seguro médico completo sin copagos. - Cultura colaborativa y participativa basada en Management 3.0. - Equipos cercanos donde compartir conocimiento no es opcional. - Nochebuena y Fin de Año libres. - Café y té en oficina para afrontar deployments, incidencias y reuniones de arquitectura con dignidad.
Information Security Incident Specialist
SupportYourAppSupport-as-a-Service that helps companies scale faster by taking care of their customers’ needs.
Role Description Our team is continuously growing alongside our expanding client base, so we are looking for an Information Security Incident Specialist who is eager to apply their technical expertise, develop in the field of security, and work with real incidents and modern tools. What you will do: - Manage security and operational incidents end-to-end, including investigation, coordination, and response; - Communicate directly with Clients and stakeholders during Data Breach incidents; - Conduct Root Cause Analysis, develop preventive measures, and prepare management reports; - Analyze Clients’ workflows and incident trends to identify risks and improve security processes; - Assess the security of software, platforms, and third-party vendors; - Review new hiring locations for compliance with data protection and security standards; - Develop incident response procedures and maintain internal security documentation and knowledge base. Qualifications - Proven experience in investigating and handling information security incidents (from 1 year); - Experience in developing incident management procedures and documentation; - Analytical mindset and the ability to make fast decisions to mitigate incident impact; - Strong self-organization skills and the ability to prioritize work independently; - Understanding of data privacy principles and breach notification requirements; - English proficiency at level B2 or higher. Requirements - Proficiency in OSINT methodologies for investigations; - Experience in assessing the security of software, platforms, and third-party vendors; - Basic knowledge of security tools logic (SIEM, EDR, DLP, NGFW, VPN, VDI). Benefits - Providing services during business hours; - Opportunity to cooperate fully remotely; - Inclusive international environment; - Compensation in USD; - Rewards for referring friends; - Balance between project workload and personal time, but also – internal health policy; - Responsive leadership interested in your growth and long-lasting cooperation; - Greenhouse conditions for self-development; - A culture built on trust, with no time-tracking requirements. *The items listed in this section may vary depending on the terms of your engagement. Certain benefits and conditions typically apply to employees; independent contractors may not be eligible for all of these. The specific terms, including compensation, benefits, and work conditions, will be clearly defined in your agreement if selected.
• Designing, building, and validating new detections across large-scale customer telemetry, transforming threat research into impactful results. • Building and deploying AI agents for independent investigation workflows and detection engineering pipelines, incorporating context management, tool orchestration, and multi-step reasoning. • Evaluating and iterating on detection quality - measuring false positive rates, building benchmarks, and establishing feedback loops that continuously improve accuracy. • Analyzing diverse telemetry including network connections, Active Directory, cloud activity, endpoint data (Windows/Linux), segmentation policies, and vulnerability exposure to identify threats and anomalies. • Leading key research initiatives and proof-of-concepts, shaping Hunt's detection and analytics platform's strategic direction. • Translating cutting-edge research into clear, actionable recommendations and effectively communicating findings to customers and stakeholders.
