Principal Information Security Engineer

A Moving Experience.

As a Principal Information Security Engineer, you will play a critical role in safeguarding our systems and software platforms across the development lifecycle. You will leverage your security engineering expertise and hands-on experience with tools like CrowdStrike, Zscaler, and Microsoft Security technologies to detect, respond to, and prevent threats. Your understanding of information security technologies, governance, and risk management will ensure we meet security and compliance expectations in a highly regulated, global automotive environment.

Key Responsibilities:

• Design and maintain robust security technologies, controls, and policies across our global enterprise.
• Support the implementation and management of endpoint detection and response (EDR), end point protection (EPP), zero trust network access (ZTNA), vulnerability management, identity and threat protection using platforms such as CrowdStrike Falcon, Zscaler, Tenable, and Microsoft Security PIM, conditional access, and Windows Hello.
• Own the information security controls that contribute to the company’s governance, risk, and compliance (GRC) efforts, particularly ISO 27001, TISAX, CIS, and customer security assessments.
• Monitor, analyze, and respond to security events, collaborating with vendors, global engineering, DevOps, and IT teams to resolve threats efficiently.
• Run corporate phishing campaign, security training, and security awareness programs.
• Document security processes and contribute to internal policies that support information and application security programs.
• Support vulnerability scanning, secure coding, and threat modeling activities in partnership with IT, product, and software teams.
• Participate in vendor security assessments and global OEM customer security reviews.

Required Qualifications:

• Minimum of 3 years of experience in information security, with a focus on corporate / enterprise security in a global, software-driven business.
• Proven experience with CrowdStrike Falcon, Zscaler, Microsoft Security tools, Tenable or similar.
• Solid understanding of governance and risk frameworks, particularly those relevant to enterprise information security management systems.
• Familiarity with secure software development practices and security in cloud environments (Azure preferred).
• Demonstrable ability as self-driven and to work independently.
• Strong analytical, problem-solving, and communication skills.

Preferred Qualifications:

• Bachelor’s degree or higher.
• Industry certifications such as CISSP, CISM, Microsoft SC Series.
• Experience with Atlassian Jira and Confluence.
• Experience with ISO 27001, TISAX, NIST, or CIS.
• Understanding of automotive cybersecurity standards (e.g., ISO 21434, UNECE WP.29).
• Knowledge of CI/CD pipelines and security integration in software development workflows.

All prospective and current Employees need to remain vigilant when it comes to executing security policies in the workplace. This includes:

• Following workplace security protocols and training programs to familiarize with the ways to maintain a safe workplace.
• Following security procedures to report any suspicious activity.
• Having respect for corporate security procedures to allow those procedures to be effective.
• Adhering to company's compliance and regulations.
• Encouraging to follow a zero tolerance for workplace violence.
• Basic knowledge of information security and data privacy requirements (e.g., how to protect data & how to be handling this data).
• Demonstrative knowledge of information security through internal training programs.