What’s Unique About You Is What Makes Us Better! Diversity is our strength and competitive advantage. Bring your flavor to the Papa John's team today!
Job Summary
The Principal Cybersecurity Engineer serves as a technical expert and strategic security engineer within the organization. This role provides deep technical leadership across enterprise security domains, including advanced threat defense, cloud security architecture, detection engineering, vulnerability reduction, incident response, and Zero Trust enablement.
The Principal Cybersecurity Engineer drives the design and implementation of scalable, robust, and proactive security capabilities that protect critical business assets. They influence strategic direction, mentor engineering teams, lead complex investigations, and partner with senior leadership to increase the organization’s overall security maturity. This is a hands-on expert role with substantial autonomy and impact.
Duties & Responsibilities (other duties as assigned
Security Architecture & Engineering Leadership
Architect, design, and implement advanced security capabilities across cloud, on-prem, and hybrid systems.
Serve as the top engineering authority for Zero Trust architecture, cloud security architecture, detection engineering, and data protection strategies.
Lead technical evaluations of new security technologies, tools, and platforms.
Collaborate with enterprise architecture to integrate security into major programs and cloud transformations.
Detection Engineering & Threat Defense
Build and optimize SIEM, EDR, NDR, and cloud detection logic, rules, and automated responses.
Lead advanced threat-hunting activities, identifying novel attack patterns and evolving adversary behaviors.
Create detection frameworks aligned to MITRE ATT&CK, CIS Controls, and PCI-DSS requirements.
Engineer telemetry pipelines, data collection standards, and monitoring strategies.
Incident Response & Cyber Crisis Leadership
Serve as the highest-level escalation point for major cyber incidents.
Direct containment, forensics, eradication, and recovery operations.
Conduct root cause analysis and design systemic improvements to prevent recurrence.
Mentor and guide junior responders in advanced IR methodologies.
Risk Reduction & Vulnerability Management
Lead enterprise vulnerability management strategy, including prioritization models and compensating controls.
Design hardened configurations, baselines, and secure CI/CD practices for cloud and infrastructure.
Partner with product, cloud, and infrastructure teams to eliminate systemic risks.
Ensure continuous measurement and reporting of vulnerability and risk posture.
Cloud Security Engineering
Architect security controls and guardrails across Azure, and GCP platforms.
Design secure patterns for identity, networking, encryption, key management, and workload protection.
Lead cloud threat modeling, secure design reviews, and red/blue collaboration activities.
Support security automation at scale through scripting, IaC, and cloud-native services.
Security Governance & Compliance Support
Align engineering efforts with CIS Controls v8.1, PCI-DSS 4.0.1, NIST, ISO 27001, and regulatory requirements.
Develop documentation, engineering standards, playbooks, and architecture artifacts.
Provide expert evidence and technical representation to auditors, regulators, and internal governance boards.
Everybody loves pizza, which means they also love the people who are behind the scenes working to deliver it. This is complex and challenging work – but let’s face it – it’s also pizza! If you want a fulfilling career with a company that’s always moving forward, we’re the right place.
Papa John's is a Federal Contract employer who participates in E-Verify to confirm employment eligibility for each new team member. For more information please view the following PDFs: E-Verify Poster (English) - Right to Work Poster (English) - E-Verify Poster (Spanish) - Right to Work Poster (Spanish) Papa John's is an Affirmative Action and Equal Opportunity Employer. For more information please click on the following PDF. See terms & conditions for site use.