Principal Engineer

Job Description

The principal Engineer (L4) is the technical authority to the client for the Managed Protect organisation, responsible for the overall success (technical), the stability of their managed environment(s) and the future evolution of their environment(s).

Principal Engineers Act As

Primary Technical Owners to each of their clients
Architects/Design Authorities for all aspects of their clients’ environments
Strategic Advisors on the evolution of the environments of the assigned clients
Final approver for all escalations, workflows & vendor engagement Activities

In addition to these duties, the principal engineers will provide immediate resolution to any issues that arise in their customers’ environment, proactively improve their managed environments, and will continue to align their customers’ current and future needs with the capabilities of the Managed Protect services. As such, this role includes deep, hands-on technical knowledge combined with an understanding of architecture and ultimately serves as a decision-maker for the service delivery to the client

Responsibilities

Client Ownership & Accountability (Primary Responsibility)

Responsibilities Include

Full technical ownership of all Managed Protect services delivered to assigned clients
Accountability for the availability, stability, and performance of managed security platforms
Ensuring incidents, escalations, and outages are driven to swift and effective resolution
Acting as the final decision-maker for technical direction related to the client’s environment
Proactively identifying risks, gaps, and improvement opportunities

Principal engineers are ultimately accountable for technical outcomes, not just guidance.

Strategy, Roadmap & Client Engagement
Define and maintain a proactive technical roadmap for each assigned client
Adjust Managed Protect service delivery with the client’s requirements.
Lead Monthly Service Review / Quarterly Technical Governance Meetings with clients, covering:
Managed devices’ health and performance
PIR and RCA outcomes
Improvement initiatives and roadmap progress
Upcoming changes, upgrades, or migrations
Translate operational findings into strategic improvement plans

Architecture, Design & Professional Services

Escalation Control & Incident Accountability
Act as the final internal escalation authority for assigned clients
Approve and control all vendor TAC escalations, including:
Decision to engage vendor
Escalation priority and severity
Technical direction provided to vendor
Guide lead engineers during complex incidents requiring architectural insight
Ensure:
Clear ownership of resolution
Minimal disruption duration
Long-term corrective actions are defined and tracked

Principal engineers are ultimately responsible for resolution, even when execution is delegated.

Workflow Governance & Quality Control
Approve and control technical workflows related to assigned clients, including:
Complex changes
Non-standard configurations
High-risk operations
Ensure consistency, quality, and adherence to Managed Protect standards
Act as the quality gate between operations, projects, and client expectations
Solid understanding and application of ITIL principles, especially:
Incident Management
Change Management
Problem Management

Principal engineers are responsible for applying standards to operations and ensuring service quality.

About SHQ

SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone. SecurityHQ – We’re focused on engineering cybersecurity, by design.

Job Reference Number

IN015

Additional Desired Skills

Leadership & Behavioural Expectations:

Act as a trusted technical authority for both clients and internal teams.
Demonstrates ownership, decisiveness, and accountability
Communicates complex technical matters clearly and confidently
Maintains composure during high-pressure incidents and escalations
Mentors L3 engineers and uplifts overall technical maturity
Drives long-term stability over short-term fixes

Experience & Qualification Expectations

10+ years in security device/network platform engineering
5+ years in senior technical authority, SME, or client-facing lead roles
Proven experience owning large or complex customer environments
Demonstrated leadership during major disruptions and migrations

Certifications (Strongly Preferred)

Expert-level vendor certification for at least one major security control vendor
Advanced networking or architecture certifications (advantage)
ITIL Foundation or higher (desired)
Architecture or design certifications (beneficial, not mandatory)

Broad SOC, threat-hunting, or compliance certifications are not required