Principal Information Security Engineer
Principal Information Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Description
The Company: Cognex Corporation
Cognex is the worlds leading provider of vision systems software sensors and industrial barcode readers used in manufacturing automation. Cognex vision helps companies improve product quality eliminate production errors lower manufacturing costs and exceed consumer expectations for high quality products at an affordable price. Typical applications for machine vision include detecting defects monitoring production lines guiding assembly robots and tracking sorting and identifying parts.
Cognex serves an international customer base from offices located throughout the Americas Europe and Asia and through a global network of integration and distribution partners. The company is headquartered close to Boston in Natick Massachusetts
The Team: Information Security Team
The Information Security Team at Cognex is responsible for establishing and maintaining enterprise application and product security policies processes and best practices to ensure enterprise applications and products are designed and implemented securely for company and customer data. It partners with multiple business units to create and develop applications and products throughout active lifecycles. This position is part of the Information Security Team under the IT department.
The Role:
As a Principal Information Security Engineer you will be responsible for the strategic development implementation and maintenance of security systems and protocols. You will work closely with senior management to develop security strategies and roadmaps that align with the organizations overall objectives. You will work with the team to identify vulnerabilities assess risks and design and implement solutions to mitigate them. You will collaborate solution and engineer information security for all functions across the enterprise conveying options and costs for Information Security solutions. You will work closely with the IT and Engineering/Development teams to ensure that security is integrated into all aspects of the organizations systems and applications.
Essential Functions:
Lead functional teams or projects with moderate resource requirements risk and/or complexity
Lead the strategic development and implementation of security policies and procedures
Lead the strategic development configuring maintaining and monitoring security tools and technologies including firewalls intrusion detection/prevention systems access control encryption vulnerability management security information and event management (SIEM) and endpoint security systems
Conduct security assessments and risk analyses
Lead the strategic development of vulnerability assessments and penetration testing to identify security weaknesses and develop mitigation strategies
Stay up to date on emerging threats vulnerabilities and security technologies
Mentoring security engineers and providing technical guidance
Collaborate with cross-functional teams including IT legal and compliance to ensure security requirements are integrated into the development lifecycle
Knowledge Skills and Abilities:
Advanced knowledge of:
Information security principles practices and technologies
Regulatory and compliance requirements such as ISO 27001 OWASP IEC 62443 CIS HIPAA PCI-DSS and GDPR
Network security architecture including LAN WAN VPN and cloud networking
Security risk assessment and management methodologies
Security incident and event management (SIEM) and intrusion detection and prevention systems (IDS/IPS)
Identity and access management (IAM) principles and technologies
Secure software development practices and DevOps methodologies
Emerging threats and vulnerabilities and the ability to implement mitigations to address them
Security assessment and testing methodologies including vulnerability scanning and penetration testing
Encryption technologies including encryption algorithms protocols key management and technologies. Ability to implement encryption solutions to protect data in transit and at rest
Advanced skills include:
Vulnerability Management and Threat Hunting
Applying strong analytical and problem-solving skills
Managing and leading technical teams
Prioritizing and managing multiple projects and tasks simultaneously
Strong attention to detail ensuring accuracy and precision in sensitive deliverables
Capable of working autonomously while contributing effectively within cross-functional teams
Build and maintain relationships with stakeholders across the organization
A high level of proficiency in project management and planning
Advanced abilities:
Clearly conveys complex technical concepts to both technical and non-technical stakeholders. Ability to document security designs configurations and procedures effectively
Demonstrates a strong commitment to staying current with emerging cybersecurity trends technologies and industry certifications. Proactively engages in professional development and consistently seeks out relevant training opportunities to deepen expertise and maintain technical edge
Security Policy Development: Develops and enforces information & cyber security policies and procedures. Experience in creating and maintaining security documentation including security standards guidelines and configuration baselines
Develops and implements information security strategies and programs
Designs and implements secure network and system architectures
Analyzes and evaluates security risks and develops appropriate mitigations
Leads incident response and manage security incidents and breaches
Conducts security audits and assessments
Monitors and reports on security metrics and compliance with policies and standards
Maintains clarity focus and poise during high-pressure situations including security incidents and breaches. Responds with sound judgment and disciplined execution to ensure swift resolution and minimize disruption
Education and work experience required:
Bachelors degree in Computer Science Information Security Cybersecurity or related field or equivalent experience (Masters a plus)
5 years of experience in information security engineering or related field
Strong knowledge of information security technologies and standards and frameworks (e.g. NIST ISO 27001)
Experience with information security incident response and management at an enterprise level
Ability to develop and implement information security strategies and roadmaps
Excellent communication and leadership skills
Industry certifications such as CISSP CISM CRISC or GSE are a plus
Additional Job Description
Equal Employment Opportunity
Cognex is an equal opportunity employer. Cognex evaluates qualified applicants without regard to race color religion gender national origin age sexual orientation gender identity or expression protected veteran status disability/handicap status or any other legally protected characteristic.
Required Experience:
Staff IC
Employment Type
Full-Time
