Job Summary:
FTAI Aviation is a company focused on the maintenance, repair, and exchange of jet engines. They are seeking a Principal Security Engineer to lead their security program in a regulated environment, implementing technical controls and driving related policies while collaborating with various teams.
Responsibilities:
• Drive the technical cybersecurity strategy and roadmap; report security posture and material risk to senior leadership
• Design, configure, and maintain hands-on controls across network, endpoint, identity, and cloud (firewall rules, segmentation, VPNs, IDS/IPS, EDR, MFA)
• Develop and maintain security policies aligned to NIST CSF, ISO 27001, and CIS and to regulatory requirements, ensuring controls actually enforce them
• Manage and tune the security stack (SIEM, EDR, email security); build detection rules, alerts, and dashboards
• Lead incident response end to end and drive risk-based vulnerability and patch management to closure across infrastructure, endpoints, and cloud
• Own the controls framework and third-party/vendor risk program, coordinating with internal audit/GRC and the legal team
• Collaborate with MSP and vCISO (managing scope, SLAs, escalation) while keeping core decisions in-house
• Harden identity infrastructure (AD/Entra ID) and run the security awareness program across sites
Qualifications:
Required:
• 7+ years across IT and cybersecurity, including a hands-on technical foundation and 3+ years driving a security program as a senior individual contributor
• Proven ability to both implement technical controls and author the policies and governance behind them
• Experience securing a public and/or regulated, multi-site environment (e.g., SOX, FINRA, FAA), including audit and control ownership
• Command of NIST CSF, ISO 27001, CIS, and SOX/ITGC, with experience owning control evidence through external audits
• Strong cloud (Azure and/or AWS) and enterprise network security—firewalls, VPNs, segmentation, and IDS/IPS
• Hands-on with SIEM (e.g., Microsoft Sentinel) and endpoint protection (e.g., SentinelOne), plus scripting (PowerShell and/or Python) and identity hardening (AD/Entra ID)
Company:
FTAI combines advanced turbine technology and asset ownership to power the world’s most essential markets. Founded in 2011, the company is headquartered in New York, USA, with a team of 501-1000 employees. The company is currently Late Stage.