The Ro le A Principal Security Governance Consultant is expected to have a deep level of expertise ... Review, analyze, and assess key factors, including inherent risk, mitigating controls, business ...
The Ro le A Principal Security Governance Consultant is expected to have a deep level of expertise ... Review, analyze, and assess key factors, including inherent risk, mitigating controls, business ...
Principal Security Assistant
Washington, DC · On-site
$40K - $50K/yr
The Security Assistant will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures ...
Principal Security Assistant
Washington, DC · On-site
$40K - $50K/yr
The Security Assistant will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures ...
INFORMATION SECURITY ANALYST
Visalia, CA · On-site
$112K - $141K/yr
The selected Security Analyst will be responsible for maintaining and managing the City ... As the Tulare County seat, Visalia is the principal retail center in the region, and home to ...
INFORMATION SECURITY ANALYST
Visalia, CA · On-site
$112K - $141K/yr
The selected Security Analyst will be responsible for maintaining and managing the City ... As the Tulare County seat, Visalia is the principal retail center in the region, and home to ...
Principal Security Specialist Location: Arlington, Virginia Duration: Full Time * Duties include ... Perform Risk Analysis; Work with ISSOs, developers, and System Owners on the assessment of systems ...
Principal Security Specialist Location: Arlington, Virginia Duration: Full Time * Duties include ... Perform Risk Analysis; Work with ISSOs, developers, and System Owners on the assessment of systems ...
Principal Security Engineer
$140K - $180K/yr
Description The Principal Security Engineer role will support the cyber team that handles the ... Analyzing a large set of cyber and technology and business information to develop strategic plans
Principal Security Engineer
$140K - $180K/yr
Description The Principal Security Engineer role will support the cyber team that handles the ... Analyzing a large set of cyber and technology and business information to develop strategic plans
Principal Security Assistant
Washington, DC · On-site
$40K - $50K/yr
The Security Assistant will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures ...
Principal Security Assistant
Washington, DC · On-site
$40K - $50K/yr
The Security Assistant will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures ...
The Lead Associate Principal, Security Assurance is responsible for leading the scoping, planning ... Analytical skills to successfully analyze, model, and present complex risk assessments * Ability to ...
The Lead Associate Principal, Security Assurance is responsible for leading the scoping, planning ... Analytical skills to successfully analyze, model, and present complex risk assessments * Ability to ...
Principal Security Assistant
Washington, DC · On-site
$40K - $50K/yr
The Security Assistant will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures ...
Principal Security Assistant
Washington, DC · On-site
$40K - $50K/yr
The Security Assistant will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures ...
The Lead Associate Principal, Security Assurance is responsible for leading the scoping, planning ... Analytical skills to successfully analyze, model, and present complex risk assessments * Ability to ...
The Lead Associate Principal, Security Assurance is responsible for leading the scoping, planning ... Analytical skills to successfully analyze, model, and present complex risk assessments * Ability to ...
If that resonates, consider joining us as a Senior or Principal Security Researcher on the Global ... We are looking for an experienced Senior Security Researcher with a proficient analytical ...
If that resonates, consider joining us as a Senior or Principal Security Researcher on the Global ... We are looking for an experienced Senior Security Researcher with a proficient analytical ...
The Lead Associate Principal, Security Assurance is responsible for leading the scoping, planning ... Analytical skills to successfully analyze, model, and present complex risk assessments * Ability to ...
The Lead Associate Principal, Security Assurance is responsible for leading the scoping, planning ... Analytical skills to successfully analyze, model, and present complex risk assessments * Ability to ...
Principal Security Engineer
San Jose, CA · On-site
$178K - $257K/yr
We are looking for a Principal Security Engineer to join our team in one of today's most exciting ... Monitoring and analysis of cyber security events with the use of Splunk (SIEM), SOAR, IDS, XDR ...
Principal Security Engineer
San Jose, CA · On-site
$178K - $257K/yr
We are looking for a Principal Security Engineer to join our team in one of today's most exciting ... Monitoring and analysis of cyber security events with the use of Splunk (SIEM), SOAR, IDS, XDR ...
Principal Security Engineer
Redmond, WA · On-site
The Principal Security Engineer role is for a hands-on systems architect who can turn ambiguous ... analytics, security incident and event management (SIEM), information technology (IT), or ...
Principal Security Engineer
Redmond, WA · On-site
The Principal Security Engineer role is for a hands-on systems architect who can turn ambiguous ... analytics, security incident and event management (SIEM), information technology (IT), or ...
Principal, Security Engineer
San Jose, CA · On-site
We are looking for a Principal Security Engineer to join our team in one of today's most exciting ... Conduct comprehensive risk assessments and vulnerability analyses to identify potential security ...
Principal, Security Engineer
San Jose, CA · On-site
We are looking for a Principal Security Engineer to join our team in one of today's most exciting ... Conduct comprehensive risk assessments and vulnerability analyses to identify potential security ...
Principal Incident Response Lead J ob Profile Summary The Principal Incident Response Lead position ... Strong ability to monitor, triage, and investigate security events; apply structured analysis for ...
Principal Incident Response Lead J ob Profile Summary The Principal Incident Response Lead position ... Strong ability to monitor, triage, and investigate security events; apply structured analysis for ...
... analysis for anomalous activity and adversary behaviors. • Experience with enterprise logging and telemetry pipelines, log onboarding strategies, and data quality expectations (coverage, fidelity ...
... analysis for anomalous activity and adversary behaviors. • Experience with enterprise logging and telemetry pipelines, log onboarding strategies, and data quality expectations (coverage, fidelity ...
Principal Incident Response Lead J ob Profile Summary The Principal Incident Response Lead position ... Strong ability to monitor, triage, and investigate security events; apply structured analysis for ...
Principal Incident Response Lead J ob Profile Summary The Principal Incident Response Lead position ... Strong ability to monitor, triage, and investigate security events; apply structured analysis for ...
The Verizon Network Security team is looking for a highly motivated and experienced Principal ... Execute root cause analysis for incidents, perform regular security control assessments, and lead ...
The Verizon Network Security team is looking for a highly motivated and experienced Principal ... Execute root cause analysis for incidents, perform regular security control assessments, and lead ...
... analysis for anomalous activity and adversary behaviors. • Experience with enterprise logging and telemetry pipelines, log onboarding strategies, and data quality expectations (coverage, fidelity ...
... analysis for anomalous activity and adversary behaviors. • Experience with enterprise logging and telemetry pipelines, log onboarding strategies, and data quality expectations (coverage, fidelity ...
Principal Information Security Analyst
Johnston, RI · On-site
$121K/yr
Relocation is not offered for this position Summary FM is seeking a Principal Information Security Analyst with deep expertise in cybersecurity regulatory compliance and oversight. In this high ...
Principal Information Security Analyst
Johnston, RI · On-site
$121K/yr
Relocation is not offered for this position Summary FM is seeking a Principal Information Security Analyst with deep expertise in cybersecurity regulatory compliance and oversight. In this high ...
Principal Security Analyst information
See salary details
$39.5K - $48.7K
1% of jobs
$48.7K - $58K
3% of jobs
$58K - $67.2K
4% of jobs
$67.2K - $76.4K
5% of jobs
$76.4K - $85.6K
6% of jobs
$92.9K is the 25th percentile. Wages below this are outliers.
$85.6K - $94.9K
6% of jobs
$94.9K - $104.1K
5% of jobs
The median wage is $109.5K / yr.
$104.1K - $113.3K
32% of jobs
$113.3K - $122.5K
3% of jobs
$125.1K is the 75th percentile. Wages above this are outliers.
$122.5K - $131.8K
32% of jobs
$131.8K - $141K
2% of jobs
$39.5K
$107.3K
$141K
How much do principal security analyst jobs pay per year?
Is 40 too old for cyber security?
What is the difference between Principal Security Analyst vs Security Engineer?
| Aspect | Principal Security Analyst | Security Engineer |
|---|---|---|
| Credentials | Certifications like CISSP, CISA, CISM | Certifications like CISSP, CEH, Security+ |
| Work Environment | Strategic security planning, policy development, risk assessment | Implementing security solutions, system configuration, vulnerability testing |
| Employer & Industry Usage | Financial, government, large enterprises | Tech companies, cybersecurity firms, IT departments |
While both roles focus on cybersecurity, the Principal Security Analyst primarily handles strategic planning, policy, and risk management, whereas the Security Engineer focuses on technical implementation and system security. Both roles often require similar certifications and work in related environments, but their core responsibilities differ significantly.
How does a Principal Security Analyst typically collaborate with other teams to enhance organizational security?
What are Principal Security Analysts?
What does a principal analyst do?
What are the key skills and qualifications needed to thrive as a Principal Security Analyst, and why are they important?
Can I make $200,000 a year in cyber security?
Can you make $500,000 a year in cyber security?

Job description
At Presidio, we're at the forefront of a global technology revolution, transforming industries through cutting-edge digital solutions and next-generation AI. We empower businesses - and their internal customers - to achieve more through innovation, automation, and intelligent insights.
The RoleA Principal Security Governance Consultant is expected to have a deep level of expertise and vast knowledge base in core information security governance, risk, compliance, and privacy domains. It is critical that a Principal Security Governance Consultant be able to present complex solutions and topics in a concise manner. The consultant must be comfortable blending multiple service offerings and deliverables into a single aggregate final risk report/deliverable and executive presentation for audiences of all levels and skillsets.
The consultant will have experience in reviewing, understanding, and interpreting risk management and compliance frameworks, security standards, and privacy models. The consultant must have a professional and practical understanding of Information Technology, including how technical and administrative controls are implemented across various industry verticals and company sizes. The candidate should be well versed in assessing said controls, understand how controls should be governed, and be able to assist in the strategic development of aligning security goals to business objectives.
As a PCI QSA company, we are expanding the pool of PCI Qualified Security Assessors (QSAs) and CMMC Registered Practitioners (RPs) on the Information Security Governance (ISG) team to meet client demand. The ideal consultant will have a certification from both List A and List B from the QSA qualification requirements listed below. If a certification has not yet been attained from either List A or List B, the consultant will be expected to attain a certification within the first 3 months of employment in order to register for PCI QSA training within 6 months of hire date and complete CPEs annually to renew certifications. If the consultant is not yet a CMMC RP, the consultant will be expected to attain CMMC RP certification within 3 months of attaining PCI QSA certification.
Travel Requirements:
This is a remote role located in the Continental US. You will be required to travel up to 30% to client locations to deliver professional services when needed.
Responsibilities Include:
- Lead client engagements and project execution providing information security consultation and assessment services, helping our clients meet their compliance obligations by evaluating their business, technology, and operations against industry security standards
- Educate, mentor, advise, and share your expertise with clients and colleagues to aid in making decisions on topics like Artificial Intelligence, organizational security strategy and services scope as well provide consultative guidance on complex projects
- Providing clear, organized findings and recommendations to clients and tracking progress towards resolution and compliance
- Consult/advise with C-level Security Leaders (CISO, CSO, CIO, etc.) and the Board of Directors with our most valued and strategic clients
- Develop strategic, operational, and tactical recommendations tailored to each client with the intent to improve a client's security posture and compliance position
- Create detailed strategic security roadmaps with short-term, mid-term, and long-term goals that prioritize remediation recommendations and address all instances of non-compliance with applicable regulatory, statutory, contractual, and organizational obligations
- Lead large security engagements in concert with other cybersecurity practices and Presidio teams
- Develop security policies, standards, and procedures that are custom-tailored to each client's unique culture, security goals, and organizational objectives using industry best practices and compliance requirements
- Review, analyze, and assess key factors, including inherent risk, mitigating controls, business impact, likelihood and other key elements to determine organizational security risk
- Ensure and assess client alignment to, and/or compliance with, applicable regulatory, federal, state, local, contractual, and organizational requirements and best practices standards such as ISO 27001, NIST Cyber Security Framework (CSF), PCI DSS, HIPAA, FERPA, NIST 800-171, CMMC, etc.
- Work closely with organizations to conduct security program development by establishing the foundation for a best of breed security program architecture reference model using industry frameworks and standards such as ISO 27001, NIST 800-53, NIST CSF, etc.
- Work with other seasoned Principal Security Consultants in a collaborative setting to support and assist on the execution and delivery of key services such as Cloud Governance, Advisory Services, security program development, documentation review, and security consulting services
- Execute tabletop exercises after collaborating with client stakeholders to select the scenario then create an After-Action Report
- Deliver PCI Advisory Services, including PCI Gap Analysis, SAQs, ROCs and AOCs
- Deliver CMMC Advisory Services, including CMMC Readiness Assessments
- Assist leadership in cybersecurity administrative functions, such as documentation maintenance, documentation creation, peer review, and other internal cybersecurity activities
Additional Professional Experience and Service Delivery Requirements:
- Strong professional expertise in information security with the ability to thoroughly understand complex principles and apply them practically
- Deliver consulting services on time and on budget
- Comfortably present security concepts and/or findings to both highly technical and entirely non-technical audiences
- Must be analytical, detail oriented, innovative, and recognize opportunities to provide value added consulting services to clients
- Ability to manage multiple and simultaneous clients, tasks, and responsibilities, work alone or in small teams, achieve established goals and objectives, and proactively communicate progress
- Ability to work collaboratively or independently as required by the engagement's needs
- Ability to be flexible and embrace change
- Continuously evolve approaches based on changing requirements, new information, or updated guidance
- Ability to manage multiple and changing priorities and tasks
Required Skills and Professsonal Experience:
- Bachelor's Degree with a focus on Information Security, IT, Computer Science, or Engineering preferred or the equivalent work experience and/or military experience
- 5-8 years previous consulting experience
- 5-8 years' experience conducting Information Security risk and compliance assessments
- 5-8 years' experience evaluating compliance with regulatory and key IT standards such as HIPAA, PCI DSS, NIST CSF, ISO 27001, and other similar standards/frameworks
- Cloud experience with AWS, Azure or Google Cloud Platform or non-foundational certification for any of these cloud platforms or one of the following cloud agnostic certifications: Certified Cloud Security Professional (CCSP), Certificate of Cloud Security Knowledge (CCSK), GIAC Cloud Security Essentials (GCLD)
- Possess at least one of the following accredited, industry-recognized professional certifications from each list:
- List A
- ISC2 Certified Information System Security Professional (CISSP)
- ISACA Certified Information Security Manager (CISM)
- Certified ISO 27001 Lead Implementer
- List B
- ISACA Certified Information Systems Auditor (CISA)
- GIAC Systems and Network Auditor (GSNA)
- Certified ISO 27001, Lead Auditor, Internal Auditor 1
- IRCA ISMS Auditor or higher-e.g., Auditor/Lead Auditor, Principal Auditor
- IIA Certified Internal Auditor (CIA)
- List A
Additional Professional Experience and Service Delivery Requirements:
- Strong professional expertise in information security with the ability to thoroughly understand complex principles and apply them practically
- Deliver consulting services on time and on budget
- Comfortably present security concepts and/or findings to both highly technical and entirely non-technical audiences
- Must be analytical, detail oriented, innovative, and recognize opportunities to provide value added consulting services to clients
- Ability to manage multiple and simultaneous clients, tasks, and responsibilities, work alone or in small teams, achieve established goals and objectives, and proactively communicate progress
- Ability to work collaboratively or independently as required by the engagement's needs
- Ability to be flexible and embrace change.
- Continuously evolve approaches based on changing requirements, new information, or updated guidance
- Ability to manage multiple and changing priorities and tasks
Preferred Skills and Professional Experience
- One or more AI certifications (e.g., ISO 42001, ISACA AAISM, ISACA AAIR, IAPP AIGP)
- Experience leading AI security assessments, maturity reviews, and developing remediation roadmaps for clients
- Ability to translate technical AI risks into executive-level recommendations and measurable controls
Your future at PresidioJoiningPresidio means stepping into a culture of trailblazers - thinkers, builders, and collaborators - who push the boundaries of what's possible. With our expertise AI-driven analytics, cloud solutions, cybersecurity, and next-gen infrastructure, we enable businesses to stay ahead in an ever-evolving digital world.
Here, your impact is real. Whether you're harnessing the power of Generative AI, architecting resilient digital ecosystems, or driving data-driven transformation, you'll be part of a team that is shaping the future.
Ready to innovate? Let's redefine what's next-together.
About Presidio
Presidio is committed to hiring the most qualified candidates to join our amazing culture. We aim to attract and hire top talent from all backgrounds, including underrepresented and marginalized communities. We encourage women, people of color, people with disabilities, and veterans to apply for open roles at Presidio. Diversity of skills and thought is a key component to our business success.
At Presidio, speed and quality meet technology and innovation. Presidio is a trusted ally for organizations across industries with a decades-long history of building traditional IT foundations and deep expertise in AI and automation, security, networking, digital transformation, and cloud computing. Presidio fills gaps, removes hurdles, optimizes costs, and reduces risk. Presidio's expert technical team develops custom applications, provides managed services, and enables actionable data insights and builds forward-thinking solutions that drive strategic outcomes for clients globally. For more information visit
****
Applications will be accepted on a rolling basis.
Presidio has a strong commitment to the community we serve and our employees. As an Equal Opportunity Employer, we strive to have a workforce that includes the community we serve.
Presidio is an Equal Opportunity Employer Disability/Vets. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information, and other legally protected categories.
The "Know Your Rights" Poster is available here: https://www.eeoc.gov/poster
Presidio EEO Policy Statement is available here: https://www.presidio.com/careers
Presidio is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to recruitment@presidio.com and let us know the nature of your request and your contact information.
Presidio is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to.
Notice of Massachusetts Candidates: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Recruitment Agencies, Please Note: Presidio does not accept unsolicited agency resumes/CVs. Do not forward resumes/CVs to our career's email address, Presidio employees or any other means. Presidio is not responsible for any feeds related to unsolicited resumes/CVs.
#LI-PH1
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.