Fidelity Investments
Principal, Perimeter Security Engineer
Fidelity Investments, Durham, North Carolina, United States, 27703
Join us as a Principal Perimeter Security Engineer at Fidelity Investments to safeguard our perimeter against evolving cyber threats, protecting critical assets in Durham, NC while collaborating with cloud and DevOps teams.
Responsibilities
Analyze and reverse‑engineer malware samples to understand behavior and impact.
Create and refine detection signatures and defensive strategies.
Partner with DevOps and cloud teams to deploy and maintain secure AWS infrastructure.
Design, build, and maintain secure and scalable Kubernetes clusters.
Integrate and optimize Web Application Firewall (WAF) solutions to protect web applications.
Provide technical mentorship and threat intelligence to incident response and SOC teams.
Document findings, produce reports, and contribute to knowledge bases and threat feeds.
Qualifications
5+ years of experience in malware engineering, reverse engineering, or threat research.
Proficient in AWS services (EC2, S3, IAM, VPC, Lambda).
Hands‑on experience with Kubernetes deployment and management.
Knowledge of WAF technologies such as AWS WAF, Akamai, and Imperva.
Strong understanding of networking protocols, operating systems, and exploit techniques.
Programming/scripting skills in Python, C/C++, Go, or similar languages.
Bachelor’s degree in Computer Science, Cybersecurity, or related field preferred; can be waived for qualified experience.
Preferred certifications: GREM, OSCP, AWS Certified Security, or Kubernetes Administrator.
Excellent analytical, problem‑solving, written, and verbal communication skills.
Team We are the Enterprise Cyber Security – External Defense team, dedicated to developing a secure and resilient perimeter for Fidelity Investments. We closely collaborate with External Defense Ops, cloud teams, and incident response units to deploy and sustain robust security measures in a culture of continuous learning and innovation.
Location & Employment Durham, NC – hybrid model (on‑site every other week). Full‑time position.
#J-18808-Ljbffr
Responsibilities
Analyze and reverse‑engineer malware samples to understand behavior and impact.
Create and refine detection signatures and defensive strategies.
Partner with DevOps and cloud teams to deploy and maintain secure AWS infrastructure.
Design, build, and maintain secure and scalable Kubernetes clusters.
Integrate and optimize Web Application Firewall (WAF) solutions to protect web applications.
Provide technical mentorship and threat intelligence to incident response and SOC teams.
Document findings, produce reports, and contribute to knowledge bases and threat feeds.
Qualifications
5+ years of experience in malware engineering, reverse engineering, or threat research.
Proficient in AWS services (EC2, S3, IAM, VPC, Lambda).
Hands‑on experience with Kubernetes deployment and management.
Knowledge of WAF technologies such as AWS WAF, Akamai, and Imperva.
Strong understanding of networking protocols, operating systems, and exploit techniques.
Programming/scripting skills in Python, C/C++, Go, or similar languages.
Bachelor’s degree in Computer Science, Cybersecurity, or related field preferred; can be waived for qualified experience.
Preferred certifications: GREM, OSCP, AWS Certified Security, or Kubernetes Administrator.
Excellent analytical, problem‑solving, written, and verbal communication skills.
Team We are the Enterprise Cyber Security – External Defense team, dedicated to developing a secure and resilient perimeter for Fidelity Investments. We closely collaborate with External Defense Ops, cloud teams, and incident response units to deploy and sustain robust security measures in a culture of continuous learning and innovation.
Location & Employment Durham, NC – hybrid model (on‑site every other week). Full‑time position.
#J-18808-Ljbffr