Principal Engineer

Job Description:

The principal Engineer (L4) is the technical authority to the client for the Managed Protect organization, responsible for the overall success (technical), the stability of their managed environment(s) and the future evolution of their environment(s).

Principal engineers act as:

• Primary Technical Owners to each of their clients
• Architects/Design Authorities for all aspects of their clients environments
• Strategic Advisors on the evolution of the environments of the assigned clients
• Final approver for all escalations, workflows & vendor engagement Activities

In addition to these duties, the principal engineers will provide immediate resolution to any issues that arise in their customers environment, proactively improve their managed environments, and will continue to align their customers current and future needs with the capabilities of the Managed Protect services. As such, this role includes deep, hands-on technical knowledge combined with an understanding of architecture and ultimately serves as a decision-maker for the service delivery to the client.

Responsibilities:

Client Ownership & Accountability (Primary Responsibility) Responsibilities include:

Full technical ownership of all Managed Protect services delivered to assigned clients

Accountability for the availability, stability, and performance of managed security platforms

Ensuring incidents, escalations, and outages are driven to swift and effective resolution

Acting as the final decision-maker for technical direction related to the clients environment

Proactively identifying risks, gaps, and improvement opportunities

Principal engineers are ultimately accountable for technical outcomes, not just guidance.

Strategy, Roadmap & Client Engagement:

Define and maintain a proactive technical roadmap for each assigned client

Adjust Managed Protect service delivery with the clients requirements.

Lead Monthly Service Review / Quarterly Technical Governance Meetings with clients, covering: Managed devices health and performance, PIR and RCA outcomes, Improvement initiatives and roadmap progress, Upcoming changes, upgrades, or migrations.

Translate operational findings into strategic improvement plans

Architecture, Design & Professional Services

Escalation Control & Incident Accountability:

Act as the final internal escalation authority for assigned clients

Approve and control all vendor TAC escalations, including: Decision to engage vendor, Escalation priority and severity, Technical direction provided to vendor.

Guide lead engineers during complex incidents requiring architectural insight

Ensure: Clear ownership of resolution, Minimal disruption duration, Long-term corrective actions are defined and tracked.

Principal engineers are ultimately responsible for resolution, even when execution is delegated.

Workflow Governance & Quality Control

Approve and control technical workflows related to assigned clients, including: Complex changes, Non-standard configurations, High-risk operations.

Ensure consistency, quality, and adherence to Managed Protect standards

Act as the quality gate between operations, projects, and client expectations

Solid understanding and application of ITIL principles, especially: Incident Management, Change Management, Problem Management.

Principal engineers are responsible for applying standards to operations and ensuring service quality.

About SHQ:

SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone. SecurityHQ Were focused on engineering cybersecurity, by design.

Additional Desired Skills:

Leadership & Behavioral Expectations:

Act as a trusted technical authority for both clients and internal teams.

Demonstrates ownership, decisiveness, and accountability

Communicates complex technical matters clearly and confidently

Maintains composure during high-pressure incidents and escalations

Mentors L3 engineers and uplifts overall technical maturity

Drives long-term stability over short-term fixes

Experience & Qualification Expectations:

• 10+ years in security device/network platform engineering
• 5+ years in senior technical authority, SME, or client-facing lead roles
• Proven experience owning large or complex customer environments
• Demonstrated leadership during major disruptions and migrations

Certifications (Strongly Preferred)

• Expert-level vendor certification for at least one major security control vendor
• Advanced networking or architecture certifications (advantage)
• ITIL Foundation or higher (desired)
• Architecture or design certifications (beneficial, not mandatory)

Broad SOC, threat-hunting, or compliance certifications are not required