Назад
Company hidden
15 часов назад

Principal Engineer (Product & Application Security)

241 000 - 298 000$
Формат работы
hybrid
Тип работы
fulltime
Грейд
senior
Английский
c1
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Principal Engineer (Product & Application Security): Leading the technical vision and security architecture for a multi-tenant SaaS platform with an accent on AI-first system security, supply-chain integrity, and zero-trust data protection. Focus on defining organization-wide secure-by-design paradigms, mentoring senior security staff, and driving strategic security initiatives across a massive engineering estate.

Location: Must be based in or able to commute to San Mateo, CA (Hybrid: 3x/week onsite)

Salary: $241,000 - $298,000

Company

hirify.global builds uncomplicated service software that delivers exceptional employee and customer experiences through AI-first CX and IT solutions.

What you will do

  • Define the multi-year technical vision and architecture strategy for product and application security.
  • Lead threat modeling and security design reviews for critical, high-risk systems including identity, integrations, and agent runtimes.
  • Establish organization-wide secure-by-design standards for authN/authZ, tenant isolation, and API security.
  • Drive the strategic security agenda for AI-first platforms, including prompt injection defense and agentic workflow security.
  • Act as the top technical escalation point for severe security incidents and architectural hardening.
  • Mentor Staff and Senior Staff engineers to build a durable security-champion culture.

Requirements

  • 12+ years of experience in software engineering and/or security with deep ownership of production SaaS at enterprise scale.
  • Must be based in or able to commute to San Mateo, CA for a hybrid role (3 days/week onsite).
  • Deep expertise in securing multi-tenant, cloud-native SaaS platforms, preferably on AWS.
  • Authoritative knowledge of OWASP frameworks, authentication models (OAuth, OIDC, SAML), and cryptographic standards.
  • Strong coding ability in Ruby, Java, Go, Python, or JavaScript/TypeScript for building reference implementations.
  • Proven track record of influencing engineering organizations and senior leadership through technical credibility.

Nice to have

  • Experience securing ITSM, CX/CRM, or service-management products.
  • Recognized external contributions such as open-source projects, research, or conference talks.
  • Industry certifications like OSCP, OSWE, or CISSP.
  • Familiarity with modern AI/ML stacks including LLMs, RAG pipelines, and agent frameworks.

Culture & Benefits

  • Comprehensive insurance options including dental, medical, vision, disability, and life.
  • Equity and Employee Stock Purchase Plan (ESPP).
  • Flexible PTO and wellness benefits.
  • Supportive environment with parental and adoption leave.
  • Commitment to diversity, equity, and inclusion in the workplace.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →