Principal Cybersecurity Engineer Position Available In DeKalb, Georgia
Tallo's Job Summary: The Principal Cybersecurity Engineer position in Atlanta, Georgia, requires 10+ years of cybersecurity experience, with expertise in application security, threat modeling, code reviews, and vulnerability testing. Responsibilities include leading technical security assessments, advising on secure software design, and collaborating with engineering teams to enhance security across various platforms. Preferred qualifications include certifications in cybersecurity and application security.
Job Description
Principal Cybersecurity Engineer Georgia, Atlanta 05/20/2025 Contract Active
Job Description:
Job Summary:
We are seeking a highly skilled Principal Cybersecurity Engineer or Junior Cybersecurity Architect with a strong background in Application Security. he ideal candidate will have a proven track record in performing technical security assessments, code reviews, and vulnerability testing to ensure the security of software, systems, and infrastructure. The role involves working cross-functionally with engineering teams to enhance the security posture of mobile devices, IoT, enterprise applications, cloud platforms, and network technologies.
Key Responsibilities:
Lead technical security assessments and application threat modeling using
STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL
CHAIN, and CAPEC.
Conduct code reviews and vulnerability mitigation planning.
Advise teams on secure software design and implementation across mobile, cloud, enterprise, IoT, and core network environments.
Collaborate with engineering and operations teams to resolve security vulnerabilities identified via scans, PSIRTs, or incidents.
Define and implement security frameworks and technical architecture for small to mid-size projects.
Serve as a subject matter expert in firewall policy design, SSL certificate management, and secure cloud platform deployment.
Develop data flow diagrams and mobile application threat models.
Create and review detailed technical specifications, frameworks, and reusable design components.
Deliver security-focused training sessions, contribute to white papers, technical blogs, and proposals.
Participate in audits, solution reviews, and process improvement initiatives.
Required Qualifications:
10+ years in Cybersecurity
8+ years in Application Security
5+ years in Java, Python, Node.js, and related frameworks
5+ years in threat modeling methodologies such as STRIDE, PASTA, TRIKE, etc.
8+ years managing SSL certificates
5+ years designing firewall policies
5+ years conducting vulnerability analysis and mitigation
Strong understanding of:
Load balancers (e.g., A10, F5)
Firewalls (e.g., CheckPoint)
Cloud platforms (AWS, Azure, PCF, Docker)
Security tools (Venafi, FireEye, Damballa, CyberArk, ArcSight, Splunk, Symantec IDS/IPS, Qualys, Veracode)
MDM (e.g., MobileIron)
Proficient in scripting languages: Python, Perl, Shell, HTML, PHP
Solid understanding of federal and compliance regulations such as SOX, PCI, and CPNI
Experience with RESTful APIs and mobile/handset security
Preferred Qualifications:
Telecom domain experience
Experience with architecture consulting or technical audits
Knowledge of design principles, industry standards, and reusable component development
Certifications:
Industry-recognized certifications in Cybersecurity and/or Application Security
