Job description

Join to apply for the Principal Security Engineer role at Acrisure 4 days ago Be among the first 25 applicants Join to apply for the Principal Security Engineer role at Acrisure Get AI-powered advice on this job and more exclusive features. Bringing cutting-edge technology and top-tier human support together, we connect clients with customized solutions across a range of insurance, reinsurance, payroll, benefits, cybersecurity, mortgage services – and more. Bringing cutting-edge technology and top-tier human support together, we connect clients with customized solutions across a range of insurance, reinsurance, payroll, benefits, cybersecurity, mortgage services – and more. This role strengthens and optimizes the organization's security capabilities by reviewing existing tools, applications, and processes to identify gaps. It establishes and maintains cloud security architecture best practices, focusing on Azure and VMware, and integrates new and existing security platforms. The role collaborates with Data Center and Network Operations teams to maintain a secure architecture and analyzes security events for anomalous activity. The individual works on issues requiring the analysis of relevant factors and exercises considerable judgment within defined procedures to determine appropriate action. This individual will work across multiple departments to design, implement, and manage security solutions that protect both internal and third party (vendor) systems and customer data. You will play a critical role in ensuring that security practices are aligned with compliance requirements while driving technical solutions for secure systems and data protection across the entire organization. Security Engineering & Architecture: Must have expertise in designing, implementing, and maintaining security architectures across cloud, third-party, and on-premises environments, including evaluating and integrating emerging security technologies. Should possess deep knowledge of embedding security within CI/CD pipelines, establishing security standards, and conducting secure code reviews with development teams. Must understand encryption technologies for securing data at rest and in transit, with experience managing cryptographic keys and ensuring compliance with industry standards. Secure Coding: Should be proficient in secure coding practices, training teams, and developing standards to prevent vulnerabilities like injection flaws, XSS, and authentication issues. Governance, Risk, & Compliance (GRC): Must have a strong grasp of GRC frameworks (e.g., NIST, ISO 27001) and experience in aligning technical controls with regulatory and audit requirements. Threat Management: Requires expertise in performing risk assessments, threat modeling, vulnerability assessments, and mitigation planning to address security risks. Incident Response & Monitoring: Should have knowledge of incident response strategies, SOC collaboration, and implementing continuous monitoring tools to ensure compliance and security standards. Hands-on experience with security tools such as IDS/IPS, SIEM, vulnerability scanners, and penetration testing platforms. ~ Experience with cloud platforms (AWS, Azure, GCP) and securing cloud-native applications. ~ Proficiency in programming languages (e.g., Python, Java, C++) and automation tools (e.g., Strong knowledge of networking protocols, firewalls, VPNs, proxies, and security monitoring tools. ~5+ years of relevant experience in security engineering and GRC-focused security solutions development. ~ Extensive hands-on experience in DevSecOps, integrating security in CI/CD pipelines, and supporting development teams in secure coding practices. ~ Proven expertise in cryptography, including encryption, key management, and digital signatures. ~ Experience implementing technical controls and solutions that align with governance, risk, and compliance frameworks (e.g., CISSP (Certified Information Systems Security Professional) ~ CISM (Certified Information Security Manager) ~ CRISC (Certified in Risk and Information Systems Control) Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership. Generous vacation policy, paid holidays, and paid sick time ~ Medical Insurance, Dental Insurance, and Vision Insurance (employee-paid) ~ Company-paid Short-Term and Long-Term Disability Insurance ~ Company-paid Group Life Insurance ~ Company-paid Employee Assistance Program (EAP) and Calm App subscription ~ Vested 401(k) with company match and financial wellness programs ~ Flexible Spending Account (FSA), Health Savings Account (HSA) and commuter benefit options ~ Career growth and learning opportunities ~…Making a lasting impact on the communities it serves, Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Children's Hospital in Grand Rapids, Michigan, UPMC Children's Hospital in Pittsburgh, Pennsylvania and Blythedale Children's Hospital in Valhalla, New York. Placement within the range will be based on a variety of factors, including but not limited to skills, experience, qualifications, location, and internal equity. All applicants will be considered foremploymentwithout attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status. California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at Sign in to set job alerts for “Principal Security Engineer” roles. Senior Principal Systems Security Engineer (Program Protection / Anti-Tamper) - (On-site Marlborough, MA) P5 Marlborough, MA $124,000.BCG Platinion | Principal IT Architect, Public Sector Industry Leader (Defense & Security, Civil Sector)BCG Platinion | Lead IT Architect, Public Sector Industry Leader (Defense & Security, Civil Sector)Principal Security Engineer, Amazon | Multiple Locations, USASenior Principal Systems Security Engineer (Program Protection / Anti-Tamper) - (On-site Tewksbury, MA) P5 Tewksbury, MA $124,000.Senior Staff Engineer, Offensive Security (REMOTE) Boston, MA $120,000.Senior Security Engineer - Infrastructure and Cloud SecuritySenior Intellectual Property Security Engineer Westford, MA $184,000.Principal Systems Security Engineer (ONSITE) Newton, MA $130,000.Principal Engineer, Security & Access Management (Agentic AI) Tewksbury, MA $101,000.We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #

Requirements