Principal Engineer - Proxy Team

Company: Truist Bank
Location: Forest Hills
Posted on: April 1, 2026

Job Description:

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status. Need Help? If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won't receive a response). Regular or Temporary: Regular Language Fluency: English (Required) Work Shift: 1st shift (United States of America) Please review the following job description: The Principal Engineer for the Proxy Team serves as the organization’s senior technical authority for internet access and control. This role provides strategic leadership, architectural oversight, and expert-level guidance for all Proxy tools, capabilities, and processes. The Principal Engineer drives the long-term roadmap for Proxy internet access and control, ensures alignment with enterprise security strategy, and partners with engineering, operations, and leadership teams to mature control, detection, response, and resilience across the environment. Job Description: The Principal Engineer for the Proxy Team serves as the organization’s senior technical authority for internet access and control. This role provides strategic leadership, architectural oversight, and expert-level guidance for all Proxy tools, capabilities, and processes. The Principal Engineer drives the long-term roadmap for Proxy internet access and control, ensures alignment with enterprise security strategy, and partners with engineering, operations, and leadership teams to mature control, detection, response, and resilience across the environment. ESSENTIAL DUTIES AND RESPONSIBILITIES Strategic Leadership & Ownership Serve as the strategic owner of the organization’s Proxy internet access and control platforms, ensuring tools are fully leveraged, optimized, and aligned with enterprise risk-management goals. Define and evolve the Proxy internet access and control roadmap, identifying future capabilities, technology gaps, and opportunities for automation and innovation. Provide expert analysis and recommendations on strategic direction, investment needs, and emerging threats that impact Proxy internet access and control. Technical Expertise & Architecture Architect and maintain scalable, resilient Proxy internet access and control solutions across diverse operating systems and environments. Lead technical deep dives, threat modeling, and architecture reviews to ensure continuous improvement and coverage expansion. Oversee integration of Proxy internet access and control with SIEM, SOAR, vulnerability management, asset inventory, EDR and other core security platforms. Detection, Response, and Operations Guide the creation, tuning, and lifecycle management of access control policy within the Proxy internet access and control tools. Partner with incident response teams to ensure rapid containment and remediation of Proxy internet access and control threats. Conduct advanced investigations and root-cause analyses for complex or high-severity incidents. Governance, Standards, and Best Practices Establish and maintain Proxy internet access and control standards, policies, and hardening guidelines. Evaluate and report on Proxy internet access and control, performance metrics, detection efficacy, and risk trends. Ensure the Proxy internet access and control program aligns with regulatory requirements, security frameworks, and organizational risk controls. Collaboration & Leadership Act as a senior advisor to engineering, operations, and leadership teams on Proxy internet access and control strategy. Mentor engineers and analysts, fostering a culture of continuous learning and operational excellence. Lead cross-functional initiatives to enhance enterprise resilience and reduce endpoint attack surface. QUALIFICATIONS Required Qualifications: The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. 8–12 years of experience in cybersecurity engineering, incident response, cloud or on-premise proxy tools, internet access and control, or related fields. Bachelor’s degree in Information Systems-related field, or equivalent education and related training. Deep expertise with modern proxy internet access and control platforms (e.g., Zscaler, Forcepoint, etc.). Strong understanding of web proxy technologies and protocols, SSL inspection, URL filtering, PAC file management, AI and ML detection and protection strategy, Secure Access Service Edge, Zero Trust Architecture, firewall integrations, operating systems, network fundamentals, and security architecture. Proven experience driving strategy or leading enterprise-scale security initiatives. Excellent communication skills with the ability to influence senior stakeholders and translate technical concepts into business impact. Strong business and financial acumen and effective communication skills Ability to establish strong relationships within the technical community. Ability to serve as a visionary concerning future technological capabilities and operational scenarios; ability to create new business models and technologies. Ability to create, manage and drive change. Ability to unify activities within the technology community, coordinating with other businesses and engineering organizations, as needed. Preferred Qualifications: Fifteen years of industry recognized experience and leadership Financial industry experience Experience with scripting/automation (PowerShell, Python), cloud security (AWS/Azure), and SOAR/SIEM integrations. General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site . Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work. Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace. EEO is the Law E-Verify IER Right to Work

Keywords: Truist Bank, Greenwich , Principal Engineer - Proxy Team, IT / Software / Systems , Forest Hills, Connecticut