Full-Time Senior Product Security Architect

• Embed security throughout the SSDLC
• Partner with engineering teams to integrate secure design into microservices, APIs, and distributed systems
• Lead threat modeling, secure design reviews, and architecture conversations
• Drive secure coding expectations and secure defaults across multiple teams

• Strengthen engineering practices
• Guide teams through OWASP reasoning, protocol-level topics (TLS, mTLS, token flows), and secure design patterns
• Improve SSDLC processes, tooling, and CI/CD security
• Support architecture reviews and influence long-term technology strategy

• Container & cloud-native security
• Evaluate and help onboard container/K8s security tooling
• Provide guidance on runtime risks, image vulnerabilities, supply chain exposure, and K8s posture
• Define “what good looks like” for cloud-native workloads

• Cross-R&D leadership
• Build trust quickly with Development, SRE, and Product
• Communicate risk clearly and guide engineering tradeoffs
• Lead cross-team security initiatives that raise maturity across the organization

• Additional responsibilities
• Deliver training, mentorship, and awareness programs
• Support incident response and drive post-incident improvements
• Continuously research emerging threats and technologies
• Update security policies, standards, and architecture principles as the product evolves

• Secure design for microservices and APIs
• Threat modeling and vulnerability analysis
• Understanding how OWASP categories behave in distributed systems
• Strong comfort with code-adjacent conversations (flows, architecture, data paths)

• Embedded partnership with dev teams
• Experience shaping secure coding patterns, code review workflows, and CI/CD expectations
• Ability to balance security with engineering velocity

• Familiarity with container/K8s security concepts and tooling
• Understanding of workload identity, runtime protections, and image integrity

• Ability to influence engineering decisions and drive secure architecture across teams
• Strong communication skills with developers and engineering leaders

What is the last date for applying to the job?

Which countries are accepted for this remote job?