Principal Engineer (Product & Application Security)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Principal Engineer (Product & Application Security): Leading the technical vision and security architecture for a multi-tenant SaaS platform with an accent on AI-first system security, supply-chain integrity, and zero-trust data protection. Focus on defining organization-wide secure-by-design paradigms, mentoring senior security staff, and driving strategic security initiatives across a massive engineering estate.
Location: Must be based in or able to commute to San Mateo, CA (Hybrid: 3x/week onsite)
Salary: $241,000 - $298,000
Company
builds uncomplicated service software that delivers exceptional employee and customer experiences through AI-first CX and IT solutions.
What you will do
- Define the multi-year technical vision and architecture strategy for product and application security.
- Lead threat modeling and security design reviews for critical, high-risk systems including identity, integrations, and agent runtimes.
- Establish organization-wide secure-by-design standards for authN/authZ, tenant isolation, and API security.
- Drive the strategic security agenda for AI-first platforms, including prompt injection defense and agentic workflow security.
- Act as the top technical escalation point for severe security incidents and architectural hardening.
- Mentor Staff and Senior Staff engineers to build a durable security-champion culture.
Requirements
- 12+ years of experience in software engineering and/or security with deep ownership of production SaaS at enterprise scale.
- Must be based in or able to commute to San Mateo, CA for a hybrid role (3 days/week onsite).
- Deep expertise in securing multi-tenant, cloud-native SaaS platforms, preferably on AWS.
- Authoritative knowledge of OWASP frameworks, authentication models (OAuth, OIDC, SAML), and cryptographic standards.
- Strong coding ability in Ruby, Java, Go, Python, or JavaScript/TypeScript for building reference implementations.
- Proven track record of influencing engineering organizations and senior leadership through technical credibility.
Nice to have
- Experience securing ITSM, CX/CRM, or service-management products.
- Recognized external contributions such as open-source projects, research, or conference talks.
- Industry certifications like OSCP, OSWE, or CISSP.
- Familiarity with modern AI/ML stacks including LLMs, RAG pipelines, and agent frameworks.
Culture & Benefits
- Comprehensive insurance options including dental, medical, vision, disability, and life.
- Equity and Employee Stock Purchase Plan (ESPP).
- Flexible PTO and wellness benefits.
- Supportive environment with parental and adoption leave.
- Commitment to diversity, equity, and inclusion in the workplace.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →