Principal Cyber Security Platform Engineer

Principal Cyber Security Engineer

At Jack Henry, we're more than a technology company, we're a force for good in financial services. We're redefining how community banks and credit unions connect with the people they serve. Our mission is rooted in people inspired innovation, empowering financial institutions to deliver seamless, secure, and human centered experiences. We deliver cutting-edge solutions that are paving the way for the next generation of digital banking and payments, but our true impact begins with our associates. If you're ready to help transform an industry and grow with a company that values purpose, collaboration, and excellence then we'd love to meet you.

We're looking for a Principal Cyber Security Engineer to join our Information Security team and play a pivotal role in safeguarding Jack Henry's infrastructure, platforms, and customer data. In this senior, highly impactful position, you'll leverage deep cybersecurity expertise to build, automate, and continuously elevate our security posture across both cloud and on-prem environments. You'll bring hands-on experience across a broad range of security domains including observability, cloud security, application security, DevSecOps, incident response, and identity and access management and thrive in a fast-paced, collaborative environment where innovation is encouraged, partnerships are key, and security is embedded into everything we do.

This position may be worked remotely within the United States, with the exception of California. All positions, regardless of location, may require an onsite interview or in-person onboarding requirement to verify your identity.

This position is ineligible for immigration sponsorship and support. Please do not apply if at any time you will need immigration support now or in the future (i.e., H-1B, PERM).

The salary range for this position is $145,450- $215,250 and will be determined based on location and experience level.

What you'll be responsible for:

• Build and operate security observability and monitoring capabilities, including SIEM, SOAR, and log aggregation, to enable real-time threat detection and response.
• Develop and tune detection rules, alerting, and dashboards to improve visibility, response times, and security KPIs.
• Implement and enforce security controls across multi-cloud environments (AWS, Azure, GCP), leveraging CSPM, CWPP, and CNAPP solutions to protect cloud infrastructure and workloads.
• Develop infrastructure-as-code and policy-as-code guardrails to ensure secure, consistent cloud deployments.
• Embed security into CI/CD pipelines, integrating tools such as SAST, DAST, SCA, and container scanning to advance DevSecOps practices and reduce vulnerabilities early.
• Partner with engineering teams on secure coding, threat modeling, and vulnerability remediation efforts.
• Support incident response and threat management, including escalation, investigation, and continuous improvement of playbooks and response processes.
• Implement and enhance identity and access management (IAM), including zero-trust principles, least-privilege access, MFA, and privileged access controls.
• Identify and mitigate security risks, ensuring alignment with regulatory and compliance requirements (SOC 2, PCI-DSS, FFIEC, NIST), while mentoring engineers and driving adoption of scalable security practices.
• May perform other job duties as assigned.

What you'll need to have:

• Minimum of 15 years of progressive experience in cyber security or site reliability engineering.
• Minimum of 5 years of hands-on experience with cloud platforms (AWS, Azure, or GCP) in a security-focused capacity.
• Minimum of 5 years of experience in cyber detection and incident response.
• Minimum of 3 years of experience with security observability and monitoring tools (SIEM, log management, APM).
• Demonstrated experience in DevSecOps practices.

What would be nice for you to have:

• Bachelor's degree in Computer Science, Cyber Security, Information Technology, Computer Engineering, or a closely related technical field.
• Strong knowledge of networking fundamentals (TCP/IP, DNS, TLS/SSL, VPN, firewalls, load balancers)
• Experience with container technologies (Docker, Kubernetes) and their associated security challenges
• Working knowledge of regulatory frameworks relevant to financial services (PCI-DSS, SOC 2, FFIEC, NIST 800-53)
• Familiarity with offensive security concepts, penetration testing methodologies, and red/blue/purple team exercises
• Experience in the financial services or fintech industry with knowledge of banking regulations and compliance requirements
• Experience with security automation and orchestration (SOAR) platforms
• Hands-on experience with zero-trust network architectures and micro-segmentation technologies
• Background in threat hunting, digital forensics, or malware analysis
• Experience leading or mentoring security engineering teams
• Contributions to open-source security tools or active participation in industry security communities (DEF CON, BSides, OWASP chapters)

If you got this far, we hope you're feeling excited about this opportunity. Even if you don't feel you meet every single requirement on this posting, we still encourage you to apply. We're looking for passionate, driven individuals who align with our mission and can bring unique perspectives to our team.

At Jack Henry, we live by the motto: "Do the right thing, do whatever it takes, and have fun." It's more than a tagline, it's the foundation of our culture. We recognize that our associates are the key to our success, and we're deeply committed to their wellbeing. That's why we offer comprehensive benefits designed to support your physical, mental, and financial health so you can thrive both personally and professionally.

We're also leading the way in technology modernization, helping financial institutions evolve with speed, security, and flexibility. Our strategy focuses on delivering secure data access, mitigating fraud, and enabling seamless integration. Empowering our teams to build innovative solutions that meet the evolving needs of accountholders.

Culture of Commitment

Ask our associates why they love Jack Henry, and many will tell you it is because our culture is exceptional. We do great things together. Our culture empowers us to rise to challenges, seek new opportunities, and support one another through change. It's this shared commitment that drives our success. We're proud to foster an environment where inclusion, sustainability, and community impact are more than values, they're how we operate. Visit our Corporate Sustainability site to learn more about our culture and commitment to our people, customers, community, environment, and shareholders.

Equal Employment Opportunity

At Jack Henry, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business - and our society - stronger. Jack Henry is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law.

No one will be subject to, and Jack Henry prohibits, any form of discipline, reprisal, intimidation, or retaliation for good faith reports or complaints of discrimination of any kind, pursuing any discrimination claim, or cooperating in related investigations.

Requests for full corporate job descriptions may be requested through the interview process at any time.