Worldwide Flight Services (WFS) is seeking a Principal Security Engineer to lead the engineering of cloud-native security operations and enhance cybersecurity capabilities. The role involves designing and implementing security solutions while collaborating across various teams to improve the organization's cyber defense strategies.
Responsibilities:
- Serve as a principal-level technical authority for security engineering, setting the standard for detection, automation, and tooling quality across a globally distributed team
- Design, build, and maintain high-fidelity detection content, correlation logic, and analytics across enterprise security capabilities, including a major cloud and productivity ecosystem and a cloud-native security operations platform
- Engineer and operationalize security automation and orchestration that reduces manual effort and accelerates enrichment, containment, and response across the environment
- Apply artificial intelligence and machine learning techniques, including large language model and agentic approaches, to augment detection engineering, investigation, triage, and response workflows
- Integrate, tune, and scale identity, endpoint, email, and cloud security capabilities, ensuring telemetry is complete, normalized, and actionable
- Build and maintain the data pipelines, log onboarding, and platform integrations that feed centralized monitoring, detection, and response
- Drive secure-by-design engineering practices, including system hardening, secure configuration of cloud resources and API security
- Partner with threat detection and response analysts to translate threat intelligence and observed attacker techniques into detection capabilities mapped to recognized frameworks (e.g., MITRE ATT&CK)
- Develop tooling and scripts (e.g., Python, PowerShell, and platform query languages) to automate analysis, parse large datasets, and streamline repeatable security outcomes
- Serve as a senior technical resource on complex investigations
- Evaluate, pilot, and operationalize emerging security technologies and AI capabilities, producing recommendations and reference implementations to guide adoption
Requirements:
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or equivalent
- 8+ years of progressive experience in cybersecurity, with at least 4 years dedicated to security engineering, detection engineering, or security automation in enterprise environments
- Hands-on experience applying artificial intelligence and machine learning to security work, such as large language model or agentic automation, AI-assisted investigation and triage, or anomaly and behavioral detection
- Deep, hands-on experience engineering and operating security capabilities within a major enterprise cloud and productivity ecosystem, including its native identity, endpoint, email, and detection and response services
- Experience building and operating centralized monitoring and detection on a modern, cloud-native security operations / SIEM platform is a strong added value, including log onboarding, parsing, and detection content development
- Demonstrated success engineering and securing hybrid IT environments that combine on-premises infrastructure and multiple cloud platforms, maintaining consistent detection and response coverage across them
- Solid background in systems, network, and cloud engineering and operations underpinning security tooling and detection
- Experience securing global, highly distributed enterprise environments within transportation, aviation, logistics, or other critical infrastructure industries
- Hands-on expertise with Infrastructure as Code (IaC), CI/CD pipelines, container security, and Kubernetes to embed security into modern engineering and cloud delivery practices
- Experience evaluating and implementing emerging cybersecurity technologies, including AI-driven security capabilities, and translating proof-of-concepts into scalable production solutions
- Strong executive communication and stakeholder management skills, with the ability to influence technical strategy and partner effectively across cybersecurity, infrastructure, cloud engineering, and business leadership
- Advanced security certifications such as CISSP, GIAC, OSCP, CCSP, Azure Security Engineer, AWS Security Specialty, or comparable industry-recognized credentials