Principal I - Security

Job Title:

Principal I - Security

Location:

Block 23

What you'll do:

We are seeking a Principal Security Engineer with deep subject matter expertise in the Varonis Data Security Platform and advanced proficiency in network and perimeter security architecture. This role will serve as a technical and strategic leader, driving enterprise-wide data protection, threat detection, and secure infrastructure design. The ideal candidate will bring a blend of hands-on engineering, architectural vision, and cross-functional leadership to elevate our security posture.

Data Security & Varonis Leadership

• Serve as the enterprise authority on Varonis (DatAdvantage, DCE, Edge, etc.), leading architecture, deployment, and optimization across hybrid environments.
• Define and enforce data governance policies, access control models, and insider threat detection strategies using Varonis.
• Architect integrations between Varonis and enterprise platforms (e.g., ServiceNow, CMDB, SIEM) to automate access reviews, entitlement reporting, and remediation workflows.
• Lead executive-level reporting on data risk posture, audit readiness, and compliance metrics (e.g., SOX, GLBA, GDPR).

Network & Perimeter Security Architecture

• Design and implement secure network architectures, including segmentation, zero trust models, and cloud perimeter controls.
• Lead the configuration and lifecycle management of firewalls, IDS/IPS, VPNs, and secure web gateways.
• Collaborate with SOC and threat intel teams to develop detection logic, response playbooks, and threat hunting strategies.
• Conduct red/blue team exercises, vulnerability assessments, and penetration testing of enterprise infrastructure.

Strategic & Cross-Functional Leadership

• Act as a security advisor to IT, Legal, Compliance, and Data Governance teams.
• Lead security architecture reviews for new technologies, M&A integrations, and infrastructure modernization efforts.
• Mentor junior engineers and contribute to the development of security engineering standards and best practices.
• Represent security in executive steering committees and regulatory audits.

What you'll need:

• 8+ years of experience in Information Security, with 3+ years in a senior or lead engineering role.
• 3+ years of hands-on experience with Varonis Data Security Platform.
• Bachelor's degree in a related field required; Masters or MBA in a related field preferred.
• Previous leadership experience preferred.
• Advanced knowledge of general Financial Services or Banking is preferred.
• Advanced to expert understanding and experience working with downstream business-critical processes that are dependent on the availability and reliability of data, designing new (and refactoring existing) cyber defense, auditing, and access platforms through scaling, service reliability requirements, and problem management.
• Knowledge of applicable regulatory and legal compliance obligations, rules and regulations, industry standards and practices.
• Advanced to expert understanding and experience working with logging infrastructure concepts: Syslog; log parsing; log de-duping; methods for log pulling; RFC 5424; CEF Format; JSON; key-value pair format; log enrichment; log maintenance; log troubleshooting.
• Deep experience with and understanding of load balancers, DNS, SMTP, etc. for troubleshooting application functionality.
• Experience with collocated data centers, disaster recovery, and redundant network designs and architecture.
• Advanced to expert experience or knowledge of 2 or more of the following: NIST of MITRE (and the administration of either or any IT Automation platform), SOAR, Firewall, IAM platform, SIEM, or cloud cyber defense platform.
• Experience gathering operational reports on utilization, capacity, performance, and anomalies to drive improvements.
• Expert speaking and writing communication skills.
• Deep expertise in enterprise network security, including firewalls, IDS/IPS, NAC, and VPNs.
• Strong understanding of Windows/AD environments, cloud platforms (Azure/AWS), and hybrid infrastructure.
• Proven experience with automation and scripting (PowerShell, Python, REST APIs).
• Exceptional communication, leadership, and stakeholder engagement skills.
• CLOUD TECHNOLOGY - Azure or AWS Certification(s) required.
• CYBER SECURITY - 1 or more of the following required: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+, Offensive Security Certified Professional (OSCP), GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), Certified Cloud Security Professional (CCSP), Certified in Risk and Information Systems Control (CRISC).
• GENERIC COMPUTING - 1 or more of the following required: CompTIA A+, CompTIA Linux+, CompTIA Network+, CompTIA Server+, CompTIA IT Fundamentals, Microsoft Certified: Identity and Access Administrator Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Microsoft Certified: Windows Server Hybrid Administrator Associate, Microsoft Certified: Azure Network Engineer Associate, RHCSA, RHCE, RHCS - Linux Performance Tuning, RHCS-Identity Management, RHCS-Linux Diagnostics and Troubleshooting, RHCS-Developing automation with Ansible.

Preferred Certifications:

• Varonis Certified Administrator (VCA)
• CISSP, CISM, or CCSP
• CCNP Security or equivalent

Benefits you’ll love:
We offer all the important things you'd want — like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you’ll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!

About the company:

Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona, Alliance Association Bank, Bank of Nevada, Bridge Bank, First Independent Bank, and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC.  AmeriHome Mortgage is a Western Alliance Bank company.

Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race, sex, color, religion, age, nation origin, marital status, disability, protected veteran status, sexual orientation, gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying, please email HR@westernalliancebank.com or call 602-386-2488.  When contacting us, please provide your contact information and state the nature of your accessibility issue.  We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process.

© Western Alliance Bancorporation