New

Principal Cybersecurity Engineer (Incident Response)

Vaco
$190,000.00 - $215,000.00 / yr
401(k), retirement plan
United States, Texas, Arlington
Mar 03, 2026
Principal Cybersecurity Engineer DETAILS Location: Arlington, TX 76014 (M-Th onsite / non-negotiable) Position Type: Direct-Hire Hourly / Salary: to $215K + 15% annual bonus JOB SUMMARY Vaco is currently seeking a Principal Cybersecurity Engineer for a Direct-Hire opportunity that is located in Arlington, TX 76014 (M-Th onsite / non-negotiable). The Principal Cybersecurity Engineer will be a key influencer to achieve strategic alignment and deliver business value. The Principal Cybersecurity Engineer will work with leaders in the business segment to identify initiatives with high impact which drive the business strategy forward. The Principal Cybersecurity Engineer must be an innovator and an avid promoter of process improvement in specific technical disciplines using the appropriate methodologies to enhance productivity and performance of assigned business area. The Principal Cybersecurity Engineer will be established and recognized internally and externally and will represent the organization within the broader community, serving as an unofficial ambassador and maintaining strong professional relationships. Incident Response Participation - Participate in Incident Investigations Across Detection / Containment / Eradication / Recovery / Post-Incident Reviews IR Tooling / Enhancement - Enhance Incident Response Tools / Scripts / Frameworks \| Improving Detection / Response / Investigation Efficiency, Accuracy, and Scalability Forensics / Malware Analysis - Conduct Memory / Network / Host / Cloud Forensics \| Malware Reverse-Engineering \| Automated Triage Remediation Planning - Create Customized Tactical / Strategic Remediation Plans for Alerts / Incidents Identified Internally and in the Wild Across the GMF Landscape Incident Reporting - Produce Analytical Findings Through Clear / Technical Post-Incident Reports Threat Intelligence Enablement - Identify / Codify Attacker TTPs and IOCs \| Feed Intelligence Into Detection Pipelines / IR Playbooks Security Exposure Analysis - Gather / Analyze Cybersecurity Data / Technology Tool Outputs / Risk Systems \| Identifying Security Exposures Threat Simulation / Readiness - Participate in Tabletop Exercises / Purple Team Sessions / Threat Fencing Simulations Log / Alert Analysis - Perform Analysis of SIEM Alerts / IDS / IPS Alerts / Host Activity / Network Traffic \| Identifying Suspicious / Anomalous Activity Threat Landscape Monitoring - Stay Ahead of Emerging Threats (Zero-Days / Vulnerabilities / Advanced Persistent Threats) JOB REQUIREMENTS Principal Cybersecurity Engineer / Incident Response - Conducting / Managing Incident Response Investigations \| Targeted Threats (Advanced Persistent Threats / Organized Crime / Hacktivists) Threat Intelligence / IR Tools - Threat Intelligence / Detection Rules / Forensic Analysis Tools to Assess Scope / Impact of Security Incidents Incident Response Investigations - Conducted / Managed Investigations Involving Targeted Threats (Advanced Persistent Threats / Organized Crime / Hacktivists) Risk / Threat Hunting - Developed / Implemented Risk / Threat Hunting Methodologies Across Enterprise Environments Forensics Expertise - Network / Endpoint / Memory / Disk / Cloud Forensics \| Cloud IR on Azure / AWS (Logging / Monitoring Implementation) Global Threat Awareness (knowledge) - Cyber Threat Landscape / Threat Actors, Adversary TTPs / IOCs / MITRE ATT&CK / RE&ACT Frameworks Case Management - Managing Workflows / Incident Communication / Data Retrieval for IR Cases Scripting / Automation - Python / PowerShell / Bash / Jupyter / Anaconda \| Modular Code Deployable Remotely \| CI/CD / Detection-as-Code Integration API Development - Construction / Testing of APIs for Automation / Tooling Enhancements NIST Compliance (knowledge) - NIST Incident Response Roles / Capabilities Networking / Protocols - TCP/IP Networking / OSI Model / IP Subnetting / Secure Network Architecture / Network Operations / Application Layer Protocols (HTTP / SSH / SSL/TLS / DNS) / Common Network Protocols / Design Patterns (FTP / SFTP / SSH / RDP / CIFS/SMB / NFS) Analysis Tools - Bro / Zeek / Suricata / Splunk SPL \| Network Log Analysis \| Data Correlation Operating Systems (deep expertise) - Windows OS Expertise \| UNIX / Linux / MacOS Knowledge (general knowledge) Code / Data Analysis - Source Code / Hex / Binary / Regex / Log/Data Correlation Analysis Malware Analysis (proficiency) - Yara/Rule Creation / Malware Evasion Techniques (knowledge) \| Static / Dynamic / Automated Malware Analysis \| Reverse Engineering of Complex File Formats / Malware Samples / Reporting Data Science Application - Core Principles Applied to Security Analytics / Incident Response Determining compensation for this role (and others) at Vaco/Highspring depends upon a wide array of factors including but not limited to the individual's skill sets, experience and training, licensure and certifications, office location and other geographic considerations, as well as other business and organizational needs. With that said, as required by local law in geographies that require salary range disclosure, Vaco/Highspring notes the salary range for the role is noted in this job posting. The individual may also be eligible for discretionary bonuses, and can participate in medical, dental, and vision benefits as well as the company's 401(k) retirement plan. Additional disclaimer: Unless otherwise noted in the job description, the position Vaco/Highspring is filing for is occupied. Please note, however, that Vaco/Highspring is regularly asked to provide talent to other organizations. By submitting to this position, you are agreeing to be included in our talent pool for future hiring for similarly qualified positions. Submissions to this position are subject to the use of AI to perform preliminary candidate screenings, focused on ensuring minimum job requirements noted in the position are satisfied. Further assessment of candidates beyond this initial phase within Vaco/Highspring will be otherwise assessed by recruiters and hiring managers. Vaco/Highspring does not have knowledge of the tools used by its clients in making final hiring decisions and cannot opine on their use of AI products. Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. EEO Notice Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law. Vaco by Highspring and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco by Highspring and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR@vaco.com . Vaco by Highspring also wants all applicants to know their rights that workplace discrimination is illegal. By submitting to this position, you agree that you will be giving Vaco by Highspring the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco by Highspring about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco by Highspring agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal. Privacy Notice Vaco by Highspring and its parents, affiliates, and subsidiaries ("we," "our," or "Vaco by Highspring") respects your privacy and are committed to providing transparent notice of our policies. California residents may access Vaco by Highspring HR Notice at Collection for California Applicants and Employees here. Virginia residents may access our state specific policies here. Residents of all other states may access our policies here. Canadian residents may access our policies in English here and in French here. Residents of countries governed by GDPR may access our policies here. Pay Transparency Notice Determining compensation for this role (and others) at Vaco by Highspring depends upon a wide array of factors including but not limited to: the individual's skill sets, experience and training; licensure and certification requirements; office location and other geographic considerations; other business and organizational needs. With that said, as required by local law, Vaco by Highspring believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.