Bloom Energy is looking for a Principal Security Engineer to join their team in San Jose, CA. The ideal candidate will have 8-10 years of experience in security and a strong understanding of security frameworks and technologies. The role will involve developing and implementing robust security architectures, leading incident response efforts, and mentoring junior security team members.
Requirements
- Bachelor's degree in engineering, Computer Science, Information Technology, or a related field.
- Minimum of 8-10 years of experience in security, with at least 3 years in a senior or architect role.
- Strong knowledge of security frameworks (e.g., NIST, ISO 27001) and proficiency in security technologies such as firewalls, intrusion detection systems, SIEM, SOAR, XDR, Email Security, DLP, CASB, CNAPP, Vulnerability Scanning, Threat Intelligence and automated Penetration Testing.
- Experience with cloud security (AWS, Azure) and understanding of cloud-native security practices.
- Proficiency in designing and implementing Zero Trust security models, including secure network strategies, strong authentication policies, and risk management frameworks.
- Expertise in building cyber resiliency, including developing incident response plans, conducting threat intelligence analysis, and ensuring business continuity during and after cyber incidents.
- Strong understanding of network protocols, secure network architecture, and experience with configuring and managing firewalls, intrusion detection systems, and encryption solutions.
- Expertise in Identity and Access Management (IAM) principles and best practices, including user identity management, role-based access control (RBAC), single sign-on (SSO), multi-factor authentication (MFA), and identity governance.
- Proficiency in data security strategies, including data encryption, data loss prevention (DLP), secure data storage, and data integrity measures.
- Proficiency in endpoint protection strategies, including anti-malware solutions, host-based intrusion detection systems (IDS/IPS), endpoint hardening, and mobile device management.
- Solid knowledge of IoT security principles, including cryptography, identity and access management, and secure network architecture for IoT devices.
- Experience with DevSecOps practices, including integrating security into the software development lifecycle, automating security processes, and using tools for continuous security monitoring.
- Experience in product security, including identifying and mitigating security risks within products, collaborating with development teams, and ensuring products meet industry best practices for security.
- Excellent analytical and problem-solving skills, with the ability to work under pressure and handle complex security issues.
- Strong communication and leadership skills, with the ability to effectively convey security concepts to both technical and non-technical stakeholders.
Benefits
- Competitive Medical, Dental, and Vision plans with a large employer contribution
- 401(k) Retirement Plan with company match
- Generous Mental Health Support services
- Legal services
- Virtual Physical Therapy access
- Fertility & Family Forming benefits
