Software Guidance & Assistance, Inc., (SGA), is searching for a Principal Cybersecurity Engineer for a Direct Hire opportunity with one of our premier clients in McConnellsburg, PA.

Serve as a cybersecurity expert or coach in areas including network and application design, operating systems, endpoint protection, mobile device security, and foundational cybersecurity controls across on-premises and cloud environments (IaaS, PaaS, SaaS). Conduct security assessments and recommend appropriate controls to ensure solutions meet regulatory, contractual, and corporate security policies. Act as a trusted advisor to business functional areas (, Finance, HR, Engineering) and internal Digital Technology (DT) teams (, infrastructure, applications, services). Ensure alignment between business and technical requirements and compliance with regulatory and contractual obligations. Advocate for cybersecurity risk mitigation during planning and implementation of new services. Provide cybersecurity consulting to a wide range of stakeholders, including business units with limited technical knowledge, technical teams with deep domain expertise, and cybersecurity professionals. Collaborate with technology architects and analysts to ensure security is embedded in systems design and implementation, effectively mitigating identified risks while supporting business goals. Maintain expert-level awareness of cybersecurity regulations and best practices, including CMMC, PCI, SOC, HIPAA, and NIST (-, -). Contribute to the development and continuous improvement of cybersecurity strategies and roadmaps. Develop and update metrics to measure the effectiveness of cybersecurity programs. Support the Cybersecurity Education & Awareness (SEA) program by creating strategies and content to promote positive security behaviors and raise global awareness. Use programming and scripting skills to automate tasks such as data parsing, reporting, and other repeatable workflows. Support the Security Incident Response Team (SIRT) in detecting, responding to, and recovering from security incidents, employing risk-based strategies to limit impact and recurrence. Collaborate with SIRT to enhance processes, procedures, and training materials—such as investigation playbooks—and participate in threat hunts and purple team exercises to deepen knowledge of the environment. MINIMUM QUALIFICATIONS Bachelor's degree in Cybersecurity, Information Systems, or a related field, or equivalent experience. Eight () or more years of cybersecurity experience. STANDOUT QUALIFICATIONS Graduate degree in Cybersecurity, Information Systems, Management, or related discipline. Strong conceptual, analytical, and innovative problem-solving skills. Demonstrated knowledge of security controls for networks, applications, and operating systems. Excellent communication skills—both verbal (, phone, one-on-one, group presentations) and written (, email, reports, documentation)—across technical and non-technical audiences. Experience leading or contributing to complex projects involving multiple technologies and lines of business. Industry-recognized certifications (, CISSP, CEH, GIAC, Security+, SSAP). Experience identifying attacker techniques, including emerging vulnerabilities, attack vectors, and exploits. In-depth knowledge of cybersecurity tools and systems, including SIEM, SOAR, IDS/IPS, honeypots, open-source intelligence (OSINT), and sandbox analysis tools. Ability to obtain or maintain a Government Secret-level (or higher) security clearance. Hands-on experience with: SIEM/SOAR platforms (, Splunk, IBM QRadar, Palo Alto XSOAR) Hands-on experience with: Identity and Access Management (IAM) tools (, SailPoint, Azure Entra, Okta) Hands-on experience with N etwork tools and platforms (, Cisco, Palo Alto Networks, SolarWinds)