Security Principal - HPE R&D Labs and Security Compliance

See all

Category

Job Type

Job Id

Security Principal - HPE R&D Labs and Security Compliance

This role has been designated as ‘Remote/Teleworker’, which means you will primarily work from home.

Job Description:

As a Security Principal, you'll play a critical role in protecting the integrity of HPE’s labs and non-production environments—collectively known as Local Risk Environments (LREs)—which are intentionally segmented from the corporate network to enable innovation while effectively managing risk. You’ll be responsible for ensuring these environments are designed, operated, and decommissioned in alignment with our security policies, risk frameworks, and regulatory obligations. This role strikes a balance between strategic leadership, strong risk management and business enablement—helping teams move fast without compromising security.

How You’ll Make Your Mark:

Reporting directly to the Senior Director of Governance, Risk, and Compliance (GRC), you’ll be a core member of the GRC leadership team with meaningful influence over enterprise security strategy, architecture decisions, and tooling investments.

With full ownership of the security program, you’ll lead its vision, execution, and ongoing evolution—including budget planning, control selection, and cross-functional alignment. This role offers a unique opportunity to shape how risk is governed in dynamic, high-velocity environments that power our innovation.

Collaboration is key—this role serves as a critical link between business units, IT, and security, ensuring that governance practices are practical, scalable, and support operational success.

Your subject matter expertise will be vital across projects involving new or evolving environments ensuring “secure-by-design” principles are embedded from the start.

Finally, you’ll continuously improve governance processes, evolving them to meet shifting business needs, regulatory changes, and emerging threats.

About You:

Key Competencies

Strategic risk management
Thinks holistically about security and business needs, balancing risk mitigation with organizational goals and resources.

Network security & segmentation
Skilled in designing and governing secure network architectures, with a focus on segmentation, zero trust, and reducing lateral movement risks in isolated environments.

Technical communication
Translates complex security concepts into clear, business-focused language tailored for non-technical audiences.

Defense-in-depth implementation
Designs and integrates layered security controls—including endpoint protection, vulnerability management, logging, and monitoring—to contain threats and minimize blast radius.

Cross-functional & cross-regional leadership
Drives collaboration across global teams and functions to align diverse stakeholders around shared security goals.

Qualifications and Education

• Bachelor's degree in information security, Information Technology, Risk Management, or a related field (master's preferred).
• Certifications such as CISM, CRISC, or similar preferred.

Desired experience

• 7+ years of experience in Information Security, IT Governance, or Risk Management.
• In addition to GRC expertise, candidates must have hands-on experience in multiple technical security domains, such as: Endpoint protection, Identity and access management (IAM), Vulnerability management, Security logging and monitoring, Network segmentation and zoning, Cloud security controls, Incident detection and response
• Demonstrated experience managing or governing secure environments, particularly in large or complex organizations.
• Deep understanding of information security principles, frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, SOX).

Accountability, Accountability, Action Planning, Active Learning (Inactive), Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management (Inactive), Data Controls, Design Thinking, Development Methodologies, Empathy, Follow-Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity {+ 4 more}

Health & Wellbeing

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development

We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.

Unconditional Inclusion

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

#unitedstates

Job:

Information Technology

Job Level:

TCP_05

States with Pay Range Requirement

The expected salary/wage range for a U.S.-based hire filling this position is provided below. Actual offer may vary from this range based upon geographic location, work experience, education/training, and/or skill level. If this is a sales role, then the listed salary range reflects combined base salary and target-level sales compensation pay. If this is a non-sales role, then the listed salary range reflects base salary only. Variable incentives may also be offered. Information about employee benefits offered can be found at https://myhperewards.com/main/new-hire-enrollment.html.

USD Annual Salary: $117,500.00 - $270,000.00

Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.