Principal Security Engineer - Defensive Security

It's fun to work in a company where people truly BELIEVE in what they're doing!

Fullsteam is a leading provider of vertical software and embedded payments technology dedicated to helping businesses flourish by providing their customers with seamless experiences. With a dynamic and growing team of over 1,900 employees, we are committed to driving innovation and delivering best-in-class software and payment solutions that empower small and medium-sized businesses across numerous industries. Our purpose is to help our customers grow their businesses and delight their customers. Join us and be a part of a forward-thinking company that values growth, excellence, and the success of our clients.

The position is part of Fullsteam’s Corporate InfoSec Team and is responsible for incident detection and response across Fullsteam and its Business Units.

The Principal Security Engineer will work to build, mature, and operate security engineering and incident detection and response functions for Fullsteam. Working with stakeholders across technology and business unit operations, this individual will help execute the vision for secure architecture, design and implement defensive technologies and supporting infrastructure, and detect and disrupt threats facing Fullsteam at scale.

Primary Responsibilities:

• Architect security solutions from idea to implementation
• Serve as a technical leader during design and implementation
• Partner with stakeholders to roll out defense security tooling and incident response controls across multi-cloud environments
• Developing Security Architecture Standards across On-Premise, Hybrid, and Cloud-Native Environments
• Respond to security events and incidents reported by business units, corporate and outside parties
• Implement logging solutions across multi-cloud environments
• Create and proactively respond to security events and incidents discovered through detection mechanisms and logging including 24x7 response on a rotating basis
• Create playbooks to respond consistently to security events and incidents
• Mentor junior staff members on incident response and security engineering practices

Skills & Competencies:

• Knowledge of cloud environments and system infrastructure
• Strong knowledge of Security Information and Event Management (SIEM) systems
• Familiarity with common security attack vectors and how to respond
• Extensive experience responding to security events and incidents
• Knowledge of common defensive security controls and their usages

Minimum Qualifications:

• 7+ years of experience implementing security tooling and/or working in incident detection and response
• Experience leading projects to implement security solutions and operating systems such as SIEM, endpoint security, and other security controls
• Familiarity with cloud environments such as AWS, Azure, and GCP
• Strong knowledge of how security tooling works and incident response processes
• Ability to break down large-scale technical challenges into the necessary subset of tasks that need to be accomplished
• Strong experience with Terraform & Bicep preferred
• Related certifications such as CISSP, Blue Team, and CompTIA CySA+ a plus

Fullsteam supports an inclusive workplace that values diversity of thought, experience, and background. Fullsteam is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state, or local law.