Principal Security Architect (Information Security)

As a Principal Security Architect, you will serve as the technical authority for our multi-cloud security strategy, defining the architectural 'North Star' for our cloud-native platforms to ensure they are secure by design. In this high-impact, 'player-coach' role, you will drive complex threat modeling, steer the architectural direction across GCP, AWS, Azure, and OCI, and partner with engineering leadership to embed security deep within our next-generation products.

• Define and maintain the authoritative security architecture patterns for services across multi-cloud environments, including GCP, AWS, Azure, OCI, and SAP.
• Lead the design of secure, scalable, and resilient systems by championing 'Security by Design' principles such as isolation, identity management (IAM), and data protection.
• Drive the architectural strategy and implementation of Zero Trust principles across development environments and production SaaS platforms.
• Own the organization's threat modeling methodology, facilitating deep-dive sessions for critical features to identify attack vectors in complex distributed systems.
• Translate architectural risks into actionable items for the Cybersecurity Risk Register, effectively communicating the business impact to leadership.
• Serve as a subject matter expert on security products (CWPP, CSPM, NGFW), advising product teams on architecting solutions to withstand modern adversary TTPs.
• Provide high-level technical guidance and mentorship to Staff and Senior security engineers, fostering a culture of engineering excellence and proactive security.
• Lead cross-functional 'Tiger Teams' through complex security implementations, acting as the bridge between Developer, Product Engineering, and InfoSec teams.

• 8+ years of experience in security engineering and/or security architecture, with at least 4+ years in a Principal or Lead capacity.
• Deep, hands-on architectural expertise in at least one major public cloud provider (GCP, AWS, Azure, OCI, or SAP) with a strong working knowledge of the others.
• Demonstrated sophisticated, deep knowledge and hands-on experience with modern Secure-by-Design, Privacy-by-Design, and Zero Trust principles and practices.
• Proven track record of executing complex threat models (e.g., STRIDE, PASTA, DREAD) for microservices and serverless architectures.
• Proficiency with a scripting language such as Python or Go and experience securing CI/CD pipelines.

• Experience securing AI/ML ecosystems, with a deep understanding of adversarial machine learning attacks and defenses for Large Language Models (LLMs).
• Deep understanding of the security vendor landscape, with experience designing or using CSPM, CWPP, or Container Security platforms.
• Exceptional ability to communicate technical risk to executive audiences and negotiate architectural trade-offs with product owners.
• Experience with well-architected frameworks (AWS, Azure, GCP) and their security pillars.

#LI-DP4