Principal Security Engineer

About the Role

Crane Company is seeking a hands-on Principal Security Engineer to help architect the next generation of our enterprise security capabilities and help transform the security of our technology environments. This is a rare opportunity to influence security at scale by building secure-by-design patterns, modernizing the global security technology stack, and partnering deeply with IT and cybersecurity teams across cloud, network, infrastructure, and application domains.

This role is ideal for those who gets energized solutions to complex problems, rationalizing tools, establishing patterns and guardrails, and elevating the security posture across diverse businesses and platforms with an eye on building for the future. If you enjoy creating clarity in complex technical environments, shaping enterprise-wide engineering standards, and delivering high-impact, measurable improvements to security capabilities this is your role. On-site candidates preferred, but remote candidates will also be considered.

Core Function

As a Principal Security Engineer, you will serve as a technical authority for secure architecture, platform security, and enterprise security engineering. You will drive the design, integration, and evolution of core security capabilities, ensuring scalable, consistent, and effective controls across Crane Company’s global operating environment, and focused on streamlining M&A processes for secured integrations of technology stacks.

This role focuses on building, integrating, and optimizing the underlying technologies that secure our cloud platforms, networks, endpoints, and infrastructure. You will evaluate existing controls, rationalize overlapping solutions, and lead the implementation of modern, centralized security capabilities.

Your work will directly influence strategic security investments and architectural decisions, and you will have a strong line to the CISO to drive secure design patterns and enterprise security maturity.

Key Responsibilities:

Secure Architecture & Engineering (Primary Focus)

• Design, implement, and evolve secure-by-design architectures for cloud, network, identity, endpoint, and infrastructure platforms.
• Partner closely with IT and engineering teams to embed security controls, guardrails, and patterns early in solution design.
• Lead consolidation and rationalization of the security technology stack, identifying redundancies and driving integration and modernization.
• Define and maintain security reference architectures, secure configuration baselines, and architectural patterns across platforms in current state, through M&A and supporting business growth.
• Evaluate emerging technologies to strengthen enterprise security capabilities while simplifying and centralizing the environment.
• Drive enterprise-wide adoption of zero trust principles, identity-centric controls, and strong segmentation practices.
• Build scalable automation for security services, control enforcement, and platform provisioning.

Security Technology Integration & Centralization

• Integrate disparate tools and telemetry sources into centralized, unified platforms.
• Streamline data flows across cloud, on-prem, and hybrid environments to support advanced monitoring and analytics.
• Engineer interoperability between core security capabilities
• Develop API-driven automation and orchestration to reduce manual effort and ensure consistent enforcement of controls.
• Lead technical roadmaps for critical security platforms, ensuring alignment across IT and security stakeholders.

Collaboration & Leadership

• Act as a trusted advisor to IT, cloud, network, and infrastructure teams for secure design and control implementation.
• Provide senior engineering guidance during major digital transformation initiatives, cloud migrations, and infrastructure modernization projects.
• Partner with security leadership to shape enterprise security strategy and long-term program development.
• Communicate complex technical concepts to both technical and executive audiences, influencing architectural decisions.

Support for Security Operations

• Provide expert engineering support to improve detection, prevention, and resilience capabilities.
• Assist in defining technical requirements for detection content, logging, and security telemetry (architecture-level input, not SOC operations).
• Inform security operations teams of architectural gaps and recommended improvements.

Qualifications & Competencies:

Required

• 10+ years in security engineering, secure architecture, or platform security roles.
• Deep expertise designing, integrating, and securing enterprise-scale systems across cloud, network, identity, and endpoint domains.
• Proven experience building or modernizing large-scale security capabilities and consolidating complex toolsets.
• Strong background in security standards, architectural patterns, and modern control frameworks (Zero Trust, CIS, NIST, MITRE ATT&CK).
• Hands-on engineering experience with automation, scripting, and API integrations (Python, PowerShell, REST APIs).
• Strong understanding of cloud-native security (Azure, AWS, OCI), hybrid environments, and infrastructure-as-code.
• Excellent communication skills, able to influence senior technical and business stakeholders.

Preferred

• Experience driving secure design reviews and threat modeling practices.
• Expertise with identity services (AAD/Entra, SSO, MFA, PAM, secrets management).
• Knowledge of modern security service architecture (EDR/XDR, SIEM, SOAR, vulnerability management, Cloud, sec/ops
• Professional certifications (e.g., CISSP, CCSP, GIAC Cloud, GDSA, GCSA).

This description has been designed to indicate the general nature and level of work being performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Crane Company. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, gender, sexual orientation, general identity, national origin, disability or veteran status.