Principal Security Engineer

The Principal Security Engineer role will support the cyber team that handles the mergers and acquisitions within in Citizens bank, working closely with technology and the business on requirements, strategy and tactical implementations and integration into Citizens.

In this role you will work closely with executives from all areas of the company as well as security and technology experts across the enterprise to analyze the potential acquisitions security, develop strategic and tactical solutions, troubleshoot, provide hands on support as well as understand requirements and take actions or provide guidance on remediations across all domains of security.

Primary Responsibilities include:

• Building strong relationships with stakeholders across security and technology
• Develop and maintain strong partnerships with business leadership
• Analyzing a large set of cyber and technology and business information to develop strategic plans
• Critical thinking skills across both the business, technology, legal and cyber space
• Ability to quickly pivot direction and solutioning options within tech and cyber
• Communicate and present to the business, technology and cyber
• Think outside the box to generate new and innovative solutions while taking a risk based approach to all areas of cyber
• Ability to organize and methodically drive ideas in an everchanging environment
• Develop Risk Based Mitigations and Solutions
• Supporting various security integration efforts across the business lines
• Supporting deployment of security tools and software
• Assisting in developing meaningful indicator metrics
• Providing internal awareness and consulting to colleagues within the business, technology and cyber regarding security initiatives and threats
• Providing support for new acquisitions by way of due diligence, discovery, vulnerability remediation, integration strategy and tactical implementation.

Required Skills/Experience:

• 10 or more year of Security experience in all domains with a large range of knowledge
• Understanding conceptually programming languages, OWASP and Security best practices in application code development
• Understanding of Generative AI and Agentic principles
• Understanding of application code scanning tools for security vulnerabilities
• Understanding and practical knowledge related to pen testing
• Understanding of Information Technology general practices
• Ability to write technical documentation and analyze security issues
• Proven verbal and written communication skills with the ability to present technical concepts to non-technical audiences
• Ability to understand conceptually writing scripts, trouble shoot technical security issues within Linux and windows systems.
• Working knowledge of identity and access management best practices, current tooling for IAM tasks, active directory, Identity store tools, authentication, and authorization best practice for both internal employee and external party access patterns.
• Working knowledge of DLP and data protection best practices and tools
• Working knowledge of common operating systems and networking concepts
• Working knowledge of security event logging and monitoring systems and processes
• Working knowledge of common server systems and concepts
• Working knowledge of common scripting languages (Python, PowerShell)
• Working knowledge of Anti-Virus Implementation and monitoring
• Working knowledge of Firewall security posture and management a plus
• Working knowledge of security principles for cloud platforms
• Working knowledge of vulnerability management program; detection, reporting, communication, and remediation
• Working knowledge of cyber threat modeling, compromise assessments
• Working knowledge of Federally regulated banking best cyber and physical security practices
• Experience with taking small amounts of cyber information and develop strategic plans working with the business and technology
• Ability to work independently with little guidance
• Ability to thrive in a fast past and ever-changing environment.
• Working knowledge of common architect and patterns across networking, cyber, technology
• Ability to take information both verbally and written, and present it in a concise and clear manner, that articulates the problem and the solution to a business user.
• Experience with risk based decision making and risk articulation and documentation

Education and Certifications:

• BA/BS degree in IT security, computer science or related field required

Onsite Locations:

Johnston, RI \ Dallas Irving, TX \ Plano, TX \ Franklyn, TN \ Iselin, NJ \ Boston, MA \ Providence, RI

Hours & Work Schedule

Hours per Week: 40

Work Schedule: Monday through Friday

Pay Transparency

The salary range for this position is $140,000 - $180,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.

We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens’ paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits .