Principal Security Engineer

Principal Security Engineer – India – Cybersecurity Engineering:

The Principal Security Engineer is a hands-on role that blends cloud security engineering with security operations and threat intelligence. This position plays an integral role in protecting Cornerstone OnDemand from internal and external threats, partnering closely with technology, product, and operations teams to define and enforce security best practices, automate controls, assess risks, and proactively detect, investigate, and respond to threats across the enterprise.

In this role you will..

• Lead security operations functions including detection engineering, monitoring, incident response, and threat hunting across cloud and enterprise environments.
• Analyze and improve Cornerstone’s security architecture.
• Evaluate, select and implement new security tools and practices.
• Develop and deploy automated security controls leveraging the security toolchain to detect, prevent, and remediate threats.
• Contribute to open-source threat intelligence initiatives.
• Conduct threat modeling, vulnerability assessments, penetration testing, and red/purple team exercises to uncover and remediate risks.
• Drive threat intelligence initiatives by ingesting and correlating intel feeds, monitoring dark web sources, and leveraging external attack surface monitoring and security rating services (e.g., Security Scorecard, BitSight).
• Proactively hunt for malicious or anomalous activity in EDR, SIEM, and cloud telemetry to identify evolving attacker tactics, techniques, and procedures (TTPs).
• Coordinate and lead investigations into security incidents, collaborating with SOC, IT, DevOps, and product teams to ensure timely response and recovery.
• Perform security architecture and design reviews with engineering teams to integrate security standards into development and deployment lifecycles.
• Provide security recommendations for cloud infrastructure, enterprise IT, and SaaS services, defining and enforcing policies and standards.
• Stay current on adversary trends, industry threat reports, and emerging attack vectors to continually improve detection and prevention capabilities.
• Provide hands-on support across a wide range of security technologies, including EDR, SIEM, IDS/IPS, vulnerability management tools, container/Kubernetes security, and automation frameworks.

You’ve got what it takes if you have…

• A degree in Cybersecurity, Information Security, Computer Science, or a related technical field, or equivalent work experience.
• Industry recognized certifications are a plus. Certifications may include CISSP, CISM, CEH, CompTIA Security+, certifications issued by the SANS Institute, public cloud providers (AWS, GCP) etc.
• 7+ years of experience in security engineering, operations, and/or threat intelligence.
• Strong understanding of incident response, SOC operations, detection engineering, and cyber kill chain/ATT&CK framework.
• Proven experience with EDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black), SIEM solutions (Splunk, ELK, Chronicle), and cloud-native monitoring tools.
• Experience with dark web monitoring, external attack surface management (ASM), and third-party risk/security rating platforms.
• Deep knowledge of vulnerability management platforms (e.g., Qualys, Tenable, Rapid7) and risk-based prioritization approaches.
• Strong background in networking concepts and protocols (TCP/IP, HTTP, DNS, TLS) and security technologies (firewalls, IDS/IPS, cryptography, IAM).
• Hands-on experience with AWS and GCP security services; Azure familiarity a plus.
• Demonstrated ability to automate detection, response, and remediation workflows.
• Excellent problem-solving, analytical, and communication skills with the ability to influence technical and executive stakeholders.

#LI-Onsite

Our Culture:

Our mission is to empower people, businesses and communities. A culture created less by what we do and more by who we are. When people ask what our team is about, we point to our core values: champion customer success, bring our best, achieve together, get stuff done, and innovate every day. We're always on the lookout for new, curious and capable people who can help us achieve our goal and we are seeking diversity in the people who join our team. We want to make sure that our company reflects the demographic of our customers, clients, and the communities in which we operate. So if you want to work for a friendly, global, inclusive and innovative company, we'd love to meet you!

What We Do:

Cornerstone is a premier people development company. We believe people can achieve anything when they have the right development and growth opportunities. We offer organizations the technology, content, expertise and specialized focus to help them realize the potential of their people. Featuring comprehensive recruiting, personalized learning, modern training content, development-driven performance management and holistic employee data management and insights, Cornerstone’s people development solutions are successfully used by more than 100 million+ people in 180+ countries and in nearly 50 languages.

Cornerstone takes special care to ensure the security and privacy of the data of its users.

Check us out on LinkedIn, Comparably, Glassdoor, and Facebook!