Principal Security Engineer

Company Overview

Job Overview

We are looking for an experienced Enterprise Security and Compliance Engineer to help design, architect, and guide the implementation of our rapidly expanding identity and security capabilities. You will be part of a talented team of highly experienced engineers in our enterprise security team that demonstrate superb technical competency, delivering critical security controls ensuring the highest levels of availability, performance, and delightful experiences.

You’ll lead and partner with an innovative and passionate team of engineers in the areas of Identity, Authentication, Authorization, Access Governance, Endpoint, Infrastructure, Application Network and Data protection, using cutting edge technologies and approaches, both bought and built, using Java, Python, Kubernetes, React, GraphQL etc. As a subject matter expert, you will bring your industry expertise to help the team navigate through unique technology challenges.

This role will be responsible for supporting cross functional projects and will utilize critical thinking and problem-solving to deliver exceptional value to our customers and business outcomes. This role will also provide 3rd level escalation support by analyzing and resolving problems in a timely and accurate fashion. This individual would develop strategies and guide tactics for operational efficiency, tech refresh planning and guidance with performance, availability and capacity modelling, Work in boundaryless fashion, collaborate with peer architects, engineering, dev-ops, audit, compliance and other business stakeholders to manifest necessary alignment related to enterprise security outcomes.

Responsibilities

• Provide engineering and architectural leadership across several interdependent engineering teams, systems and offerings.
• Partner with Intuit’s AI/Data Science and innovative 3^rd party vendor teams to improve and deliver an intelligent enterprise security and compliance platform
• Determine security, fraud prevention, privacy, and technical compliance requirements by evaluating business and technical plans and strategies; research information on security and risk-prevention standards; conduct system security and vulnerability analyses and risk assessments
• Create and maintain effective technical documentation, diagrams, and presentations to communicate cybersecurity/fraud risks for development teams and business users
• Recommend development and security best practices for application, infrastructure, software development
• Partner across the organization to design and implement high-quality risk management processes through education, consulting, and via support channels (e.g. Slack)
• Ensure effective, comprehensive incident response processes within the organization, incl. remediation and root cause analyses
• Effectively perform knowledge transfers and train technical and non-technical stakeholders at all levels of the organization
• Roughly 20-40% hands-on coding and data analysis
• Actively stay abreast of mobile/SaaS/PaaS trends and security standards, recommend best practices and share learning.
• Create and communicate Intuit vision & strategies aligned with Intuit standards.
• Excellent interpersonal skills, with the ability to build a healthy level of partnership at all levels of the organization.
• Highly collaborative, able to drive large, diverse teams across the world through influence and collaboration.
• Directly contribute to enterprise security capabilities design and prototype work
• Develop end to end design utilizing best practices and patterns (external and internal)
• Interact and negotiate with application owners, product managers, program managers, vendors and contractors to architect, design and support implementation (SSDLC) of enterprise security solutions while ensuring the highest levels of quality is delivered to end customers
• Acts as a subject-matter expert around security and access in AWS, but also be aware of other cloud hosting platforms (e.g GCP, Azure)
• Maintain fluency and current knowledge of identity, cloud security and compliance domain, cloud computing technologies, trends, services, and third-party tools
• Develop and document future state working closely with the Engineering
• Lead research and evaluation of emerging technologies and trends to ensure we are using the best techniques and tools to improve Intuit’s security posture

Qualifications

• BS/MS in computer science or equivalent work experience. Significant design/architecture experience.
• 10+ years’ experience designing and leading architectural efforts for web-based applications and backend services
• Thorough understanding of securing cloud ecosystems such as IaaS, PaaS and SaaS
• Hands on experience with Capability driven Architecture
• Strong development experience in one or many software development languages (Java, Python etc) and technologies such as Kubernetes/Virtualization/ Data Lake
• Knowledge and/or hands on experience identity and security solutions and protocols
• Knowledge and/or hands on experience on end point, network and data security solutions
• Strong technology and engineering skills are preferred.
• Strong written and verbal communication skills
• Able to effectively prioritize tasks with the intent to deliver true business value
• Boundaryless leadership experience: Applying the nuances of influencing based on the situation, knowing when to push and when to ease, driving through designs, ideas, and roadmaps.

Team/Leadership Qualifications

• Team player possessing strong analytical, problem solving and communication skills
• Strong mentoring skills. Able to influence and communicate effectively with both technical and non-technical people
• Demonstrated ability to work with global teams across time zones
• Ability to work effectively in a fast paced, complex technical environment
• High adaptability and flexibility
• Experience driving for results across cross-functional teams while maintaining effective working relationships
• Excellent communication skills. Communicates clearly, succinctly and persuasively to all levels of employees, customers and management (including executives)
• "Self-starter" attitude and the ability to make decisions independently