Principal Cyber Security Platform Engineer
Jack Henry & Associates · United States
United States · Exp: 15+ yrs · 145,450-215,250 USD/yearly · Remote
Remuneration
145,450-215,250 USD/yearly
Location
United States
Visa sponsorship
No visa sponsorship
This position is ineligible for immigration sponsorship and support. Please do not apply if at any time you will need immigration support now or in the future (i.e., H-1B, PERM).
Job summary
Jack Henry is seeking a Principal Cyber Security Engineer to join their Information Security team. This senior role involves safeguarding Jack Henry's infrastructure, platforms, and customer data by leveraging deep cybersecurity expertise to build, automate, and continuously elevate security posture across cloud and on-prem environments. The ideal candidate will have hands-on experience across various security domains including observability, cloud security, application security, DevSecOps, incident response, and identity and access management. This position is remote within the United States (excluding California) and requires a minimum of 15 years of progressive experience in cyber security or site reliability engineering.
Benefits
Comprehensive benefits for physical, mental, and financial health
Qualifications
- Minimum of 15 years of progressive experience in cyber security or site reliability engineering.
- Minimum of 5 years of hands-on experience with cloud platforms (AWS, Azure, or GCP) in a security-focused capacity.
- Minimum of 5 years of experience in cyber detection and incident response.
- Minimum of 3 years of experience with security observability and monitoring tools (SIEM, log management, APM).
- Demonstrated experience in DevSecOps practices.
- Bachelor’s degree in Computer Science, Cyber Security, Information Technology, Computer Engineering, or a closely related technical field (nice to have).
- Strong knowledge of networking fundamentals (TCP/IP, DNS, TLS/SSL, VPN, firewalls, load balancers) (nice to have).
- Experience with container technologies (Docker, Kubernetes) and their associated security challenges (nice to have).
- Working knowledge of regulatory frameworks relevant to financial services (PCI-DSS, SOC 2, FFIEC, NIST 800-53) (nice to have).
- Familiarity with offensive security concepts, penetration testing methodologies, and red/blue/purple team exercises (nice to have).
- Experience in the financial services or fintech industry with knowledge of banking regulations and compliance requirements (nice to have).
- Experience with security automation and orchestration (SOAR) platforms (nice to have).
- Hands-on experience with zero-trust network architectures and micro-segmentation technologies (nice to have).
- Background in threat hunting, digital forensics, or malware analysis (nice to have).
- Experience leading or mentoring security engineering teams (nice to have).
- Contributions to open-source security tools or active participation in industry security communities (DEF CON, BSides, OWASP chapters) (nice to have).
Responsibilities
- Build and operate security observability and monitoring capabilities, including SIEM, SOAR, and log aggregation, to enable real-time threat detection and response.
- Develop and tune detection rules, alerting, and dashboards to improve visibility, response times, and security KPIs.
- Implement and enforce security controls across multi-cloud environments (AWS, Azure, GCP), leveraging CSPM, CWPP, and CNAPP solutions to protect cloud infrastructure and workloads.
- Develop infrastructure-as-code and policy-as-code guardrails to ensure secure, consistent cloud deployments.
- Embed security into CI/CD pipelines, integrating tools such as SAST, DAST, SCA, and container scanning to advance DevSecOps practices and reduce vulnerabilities early.
- Partner with engineering teams on secure coding, threat modeling, and vulnerability remediation efforts.
- Support incident response and threat management, including escalation, investigation, and continuous improvement of playbooks and response processes.
- Implement and enhance identity and access management (IAM), including zero-trust principles, least-privilege access, MFA, and privileged access controls.
- Identify and mitigate security risks, ensuring alignment with regulatory and compliance requirements (SOC 2, PCI-DSS, FFIEC, NIST), while mentoring engineers and driving adoption of scalable security practices.
Skills
AWS, Azure, Docker, GCP, IAM, Kubernetes
Degrees
- Bachelor's Degree in Computer Science
- Bachelor's Degree in Cyber Security
- Bachelor's Degree in Information Technology
- Bachelor's Degree in Computer Engineering
Travel
15%
Industry
Financial Services, Fintech
Relocation
No