[Remote] Principal Security Engineer
Note: The job is a remote job and is open to candidates in USA. Jeppesen ForeFlight builds mission-critical navigation and aviation data software used by pilots and operators worldwide. As Principal Security Architect, you'll own the technical security strategy across our enterprise IT and SaaS environments, partnering closely with engineering, infrastructure, product security, and compliance functions to protect pilot, operator, and aviation data.
Responsibilities
- Define and continuously evolve the enterprise security architecture across identity, endpoint, network, cloud (AWS/Azure), and SaaS. Produce explicit threat models for each tier; translate them into prioritized engineering roadmaps
- Design and oversee implementation of zero-trust access, IAM/PAM, MFA, and privileged credential management — with Okta and Entra ID as the primary platforms
- Lead technical response to high-severity incidents. Operate and mature EDR/XDR, SIEM, and DLP programs; drive post-incident hardening with measurable outcomes
- Evaluate and approve security designs for new platforms, SaaS integrations, infrastructure initiatives, and M&A activity before they reach production
- Partner with GRC on SOC 2, ISO 27001, and aviation-specific control requirements. Translate auditor findings and regulatory obligations into concrete engineering work — not policy binders
- Mentor security and infrastructure engineers, raise the security bar in cross-functional architecture reviews, and serve as a credible peer to product security engineering leaders
Skills
- 10+ years in security engineering or architecture, including 3+ years as a principal architect or staff-level IC with demonstrated enterprise ownership
- Understanding of security as it flows across environments such as data centers, Azure, AWS. Hands-on familiarity with IAM and VPC security
- Proven experience with enterprise identity platforms (Okta, Entra ID/Azure AD) and modern detection tooling (EDR/XDR, SIEM, SOAR)
- Solid working knowledge of NIST CSF, ISO 27001, and SOC 2; familiarity with FAA/EASA, DoD, or CMMC contexts is a meaningful advantage
- Track record of turning risk assessments and audit findings into shipped engineering improvements — not just recommendations
- Strong communicator across audiences: equally comfortable whiteboarding with engineers and presenting risk posture to executives
- Bachelor's in CS, engineering, or equivalent experience. CISSP, OSCP, or GIAC certifications are valued, not required
- Experience in aviation, aerospace, defense, or other safety-critical software environments where the cost of a security failure extends beyond data
- Hands-on experience integrating acquired companies onto a common enterprise security baseline — identity federation, endpoint standardization, and network segmentation
- Familiarity with M&A security due diligence and post-close integration planning
Benefits
- Medical, dental, vision insurance with Employer paid health premiums
- Open PTO Policy
- 401(k) with up to 10% company matching and immediate vesting
- 12 Weeks Paid Maternity Leave
- 4 Weeks Paid Paternity Leave
- Flight Training Rewards
Company Overview