
Principal Security Engineer

Acrisure, Boston

Job Description
About Acrisure
A global fintech leader, Acrisure empowers millions of ambitious businesses and individuals with the right solutions to grow boldly forward. Bringing cutting-edge technology and top-tier human support together, we connect clients with customized solutions across a range of insurance, reinsurance, payroll, benefits, cybersecurity, mortgage services – and more.
In the last eleven years, Acrisure has grown in revenue from $38 million to almost $5 billion and employs over 19,000 colleagues in more than 20 countries. Our culture is defined by our entrepreneurial spirit and all that comes with it: innovation, client centricity and an indomitable will to win.
Job Summary:
This role strengthens and optimizes the organization's security capabilities by reviewing existing tools, applications, and processes to identify gaps. It establishes and maintains cloud security architecture best practices, focusing on Azure and VMware, and integrates new and existing security platforms. The role collaborates with Data Center and Network Operations teams to maintain a secure architecture and analyzes security events for anomalous activity. It contributes to the organization's security posture and ensures a secure environment. The individual works on issues requiring the analysis of relevant factors and exercises considerable judgment within defined procedures to determine appropriate action.
This individual will work across multiple departments to design, implement, and manage security solutions that protect both internal and third-party (vendor) systems and customer data. You will play a critical role in ensuring that security practices are aligned with compliance requirements while driving technical solutions for secure systems and data protection across the entire organization.
Responsibilities:

  • Security Engineering & Architecture: Must have expertise in designing, implementing, and maintaining security architectures across cloud, third-party, and on-premises environments, including evaluating and integrating emerging security technologies.
  • DevSecOps: Should possess deep knowledge of embedding security within CI/CD pipelines, establishing security standards, and conducting secure code reviews with development teams.
  • Cryptography: Must understand encryption technologies for securing data at rest and in transit, with experience managing cryptographic keys and ensuring compliance with industry standards.
  • Identity & Authentication: Requires knowledge of designing and managing secure identity solutions, including Single Sign-On (SSO), Identity Providers (IdPs), and federation protocols such as SAML, OAuth, and OpenID Connect.
  • Secure Coding: Should be proficient in secure coding practices, training teams, and developing standards to prevent vulnerabilities like injection flaws, XSS, and authentication issues.
  • Governance, Risk, & Compliance (GRC): Must have a strong grasp of GRC frameworks (e.g., NIST, ISO 27001) and experience in aligning technical controls with regulatory and audit requirements.
  • Threat Management: Requires expertise in performing risk assessments, threat modeling, vulnerability assessments, and mitigation planning to address security risks.
  • Incident Response & Monitoring: Should have knowledge of incident response strategies, SOC collaboration, and implementing continuous monitoring tools to ensure compliance and security standards.
  • Collaboration & Leadership: Must demonstrate the ability to work with cross-functional teams, mentor junior engineers, and act as a subject matter expert in security technologies, tools, and frameworks.
Requirements
  • Deep understanding of security standards and frameworks such as NIST, ISO 27001, CIS Controls, and industry compliance regulations (GDPR, HIPAA, PCI-DSS).
  • Hands-on experience with security tools such as IDS/IPS, SIEM, vulnerability scanners, and penetration testing platforms.
  • Experience with cloud platforms (AWS, Azure, GCP) and securing cloud-native applications.
  • Proficiency in programming languages (e.g., Python, Java, C++) and automation tools (e.g., Terraform, Ansible).
  • Strong knowledge of networking protocols, firewalls, VPNs, proxies, and security monitoring tools.
  • 5+ years of relevant experience in security engineering and GRC-focused security solutions development.
  • Extensive hands-on experience in DevSecOps, integrating security in CI/CD pipelines, and supporting development teams in secure coding practices.
  • Proven expertise in cryptography, including encryption, key management, and digital signatures.
  • Strong background in identity provider (IdP) management and federated authentication solutions (SAML, OAuth, OpenID Connect).
  • Experience implementing technical controls and solutions that align with governance, risk, and compliance frameworks (e.g., NIST, ISO 27001, GDPR, HIPAA, PCI-DSS).
  • Certifications (preferred):
    • CISSP (Certified Information Systems Security Professional)
    • CISM (Certified Information Security Manager)
    • GIAC (Global Information Assurance Certification)
    • CEH (Certified Ethical Hacker)
    • CRISC (Certified in Risk and Information Systems Control)
Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.
Benefits and Perks:
  • Competitive compensation
  • Generous vacation policy, paid holidays, and paid sick time
  • Medical Insurance, Dental Insurance, and Vision Insurance (employee-paid)
  • Company-paid Short-Term and Long-Term Disability Insurance
  • Company-paid Group Life Insurance
  • Company-paid Employee Assistance Program (EAP) and Calm App subscription
  • Employee-paid Pet Insurance and optional supplemental insurance coverage
  • Vested 401(k) with company match and financial wellness programs
  • Flexible Spending Account (FSA), Health Savings Account (HSA) and commuter benefit options
  • Paid maternity leave, paid paternity leave, and fertility benefits
  • Career growth and learning opportunities
  • …and so much more!
Please note: This list is not reflective of all benefits. Enrollment waiting periods or eligibility criteria may apply to certain benefits. Offerings may vary based on subsidiary entity or geographic location.
Making a lasting impact on the communities it serves, Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Children's Hospital in Grand Rapids, Michigan, UPMC Children's Hospital in Pittsburgh, Pennsylvania and Blythedale Children's Hospital in Valhalla, New York.
Welcome, your new opportunity awaits you.
Pay Details:
The base compensation range for this position is $150,000 - $160,000. This range reflects Acrisure's good faith estimate at the time of this posting. Placement within the range will be based on a variety of factors, including but not limited to skills, experience, qualifications, location, and internal equity.
Acrisure is committed to employing a diverse workforce. All applicants will be considered for employment without attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status. California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at
Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to Hiring Managers without contacting Acrisure’s Human Resources Talent Department.

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Insurance
