Principal - Information Security Engineering

About our group:

Company is seeking a highly technical and execution‑oriented Principal – Information Security Engineering to lead the design, implementation, and operationalization of core security capabilities across enterprise IT, cloud, and operational technology (OT) environments.

This role operates as a senior individual contributor with broad scope and influence, driving practical and measurable security outcomes across identity, network, cloud, endpoint, data protection, and OT environments.

The Principal is expected to operate cross‑domain, driving security engineering decisions and execution at enterprise scale with a strong emphasis on:

• Risk‑based prioritization
• Measurable control effectiveness
• Operational scalability
• Cross‑functional execution

The ideal candidate is a pragmatic engineering leader who thrives in complex, heterogeneous environments where legacy systems, manufacturing operations, and modern cloud platforms coexist.

About the role - you will:

Identity & Access Security Engineering

• Own and enhance identity security capabilities across IT, cloud, and OT environments.
• Optimize and harden enterprise identity controls (MFA, SSO, PAM, Service Account Management).
• Define and enforce least privilege, RBAC, and identity governance standards.
• Extend identity controls into manufacturing and OT environments using practical and scalable approaches.

Network & Infrastructure Security Engineering

• Define and evolve network security and containment strategies.
• Design and validate enterprise‑scale containment strategies and zero‑trust access patterns.
• Drive engineering decisions across firewall platforms, network access, PKI, and certificate management.
• Improve containment effectiveness and reduce lateral movement risk across environments.

Cloud Security Engineering

• Evolve and govern cloud security guardrails and control patterns.
• Act as the design authority, driving the technical maturity of security platforms to ensure high‑fidelity alerting and automated remediation.
• Partner with infrastructure and application teams to ensure secure deployment standards.

Data Protection & AI Security Engineering

• Lead implementation and expansion of data protection and DLP capabilities.
• Partner with business and engineering teams to identify:
  • Crown jewel data
  • Critical data flows and exposure pathways
• Support AI governance and security controls, including:
  • AI traffic visibility
  • Access control, monitoring, and guardrails
• Align controls to emerging industry practices for AI and GenAI security.

OT / Factory Security Engineering

• Provide security design oversight for manufacturing environments, partnering with factory IT engineers to adapt IT standards (such as identity and segmentation) to factory‑floor realities.
• Define practical security controls for:
  • Legacy systems
  • Remote access
  • Vendor connectivity
• Improve OT visibility, monitoring, and containment capabilities.
• Partner directly with factory engineering and operations leadership.

Security Monitoring & Exposure Management

• Evaluate and improve the effectiveness of detection and response.
• Drive the transition from vulnerability volume management to continuous exposure management.

Cross‑Functional Leadership & Execution

• Lead complex, cross‑functional security engineering initiatives.
• Translate security strategy into scalable, operational solutions.
• Drive measurable outcomes—not just technology deployment.
• Establish repeatable engineering patterns and processes.
• Influence technical decisions and prioritization across teams.

About you:

Technical Expertise

• Identity & access management (MFA, SSO, PAM, RBAC).
• Network security and segmentation.
• Cloud security architecture and controls.
• SIEM/SOAR and detection engineering.
• Data protection, DLP, and data classification.
• Endpoint and exposure management.
• OT/ICS security concepts and constraints.
• Zero Trust principles.

Leadership & Operating Style

• Outcome‑oriented and execution‑focused.
• Comfortable operating in ambiguity and complex environments.
• Strong prioritization and problem‑solving skills.
• Able to balance security requirements with operational realities.
• Strong cross‑functional communication and stakeholder management.

Success in This Role
Success will be measured by:

• Improved control effectiveness across environments
• Measurable reduction in exposure and operational risk
• Increased automation and operational scalability
• Improved visibility into security posture and attack surface
• Ability to drive cross-functional execution and deliver outcomes

Career Growth & Development

• This role is designed as a senior individual contributor position with opportunities for growth along multiple career paths based on demonstrated impact and leadership.
• Over time, the individual may expand into:
  • Technical leadership path: influencing broader security architecture, defining enterprise standards, and shaping long-term security strategy
    Organizational leadership path: leading teams and driving security engineering through formal management roles (e.g., Director, Security Engineering), based on demonstrated people leadership, organizational impact, and sustained delivery outcomes
• Company supports both paths, enabling individuals to grow based on their strengths and career aspirations.

Your experience includes:

• 10+ years of experience in information security engineering or architecture
• Deep hands‑on experience across multiple domains:
  • Identity, network, cloud, endpoint, SIEM/SOAR, and data protection
• Strong understanding of security controls in:
  • Manufacturing and OT/ICS environments
• Experience implementing controls in hybrid and legacy‑heavy environments.
• Proven ability to drive security engineering initiatives from design through operationalization.

You Might Also Have:

• Typically requires a minimum of 15 years of related experience with a Bachelor’s degree; or 12 years and a Master’s degree; or a PhD with 8 years of experience; or equivalent experience.
• Experience in high‑tech manufacturing or industrial environments.
• Experience with Microsoft security stack (e.g., Sentinel, Entra, Purview).
• Experience with Palo Alto, CrowdStrike, and modern identity platforms.
• CISSP, CISM, GIAC, or equivalent certifications.
• Experience with AI/GenAI security controls and governance frameworks.

The estimated base salary range for this position is $158,530.00 - $235,400.00. The individual salary is based on work location and additional factors, including job-related skills, experience, and relevant education or training.

Seagate offers comprehensive benefits to its eligible employees, including, but not limited to, eligibility to participate in discretionary bonus program, medical, dental, vision, and life insurance, short- and long-term disability, 401(k), employee stock purchase plan, health savings account, dependent care, and healthcare spending accounts. Seagate also offers paid time off, including 12 holidays, flexible time off provided pursuant to Seagate policy, a minimum of 48 hours of paid sick leave, and 16 weeks of paid parental leave. The benefits for this position are based on a full-time schedule for a full calendar year and may differ depending on work location.

Location:

This role is a Hybrid position based in Longmont, CO, with an expectation to be on site 3–4 days per week, as well as in person for business-critical needs.

Our Longmont product-design campus is nestled against the foothills with exceptional views of the Rocky Mountains. Here at work, you can grab breakfast and lunch in the on-site cafeteria or get an afternoon espresso, prepared by a professional barista. Our 600+ employees enjoy an active on-site experience from sporting activities (get in a few laps at lunch on our 1-mile walking path around campus, play ping-pong or volleyball, or stop in our 24-hour fitness center for a group or individual workout). We also offer opportunities for community service and participation in various employee resource groups.

Location: Longmont, United States
Travel: Up to 10%