Principal Product Security Architect

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Principal Product Security Architect Role Overview We are seeking an experienced Principal Product Security Architect to join our Product Security team as a player-coach, combining hands-on technical leadership with strategic security guidance. This role will drive security excellence across our product portfolio through risk assessment, architecture reviews, threat modeling, and by establishing secure development patterns that enable engineering teams to build security in from the start. You will serve as a trusted advisor to engineering leadership while remaining deeply technical and creating tangible security artifacts that scale across the organization. Key Responsibilities Security Architecture & Risk Assessment Partner with engineering teams early in the design process to embed security controls and minimize remediation costs Conduct comprehensive architecture reviews for major changes, new features, services, and products, identifying security risks and recommending mitigations Perform Architecture reviews and threat modeling exercises using frameworks such as STRIDE and/or attack trees to systematically identify and prioritize threats Author risk assessment reports for executive leadership, product management, and engineering stakeholders, translating technical findings into business impact Develop specific, timely, and thoughtful requirements and solution improvements that manage the risks identified in your assessment Build and maintain reference architectures that demonstrate secure design patterns for common use cases (microservices, APIs, data pipelines, etc.) Security At Scale Create and publish secure code snippets, libraries, and design patterns that serve as "paved pathways" for development teams Maintain a library of security patterns addressing common vulnerabilities (injection flaws, authentication weaknesses, cryptographic failures, etc.) that developers can leverage as pre-built mitigations to classes of vulnerabilities Develop comprehensive security guidance documentation, including secure coding standards, cryptography guidelines, and authentication/authorization patterns Build reusable security components and frameworks that make secure development the path of least resistance Establish security architecture principles and guardrails that balance security requirements with developer velocity Product Security Operations Actively use our products in realistic scenarios to identify security gaps, usability issues, and opportunities for security improvements Provide actionable feedback to product and engineering teams on security features, controls, and user experience Collaborate with Product Security Incident Response Team (PSIRT) on vulnerability analysis and remediation strategies Support security assessment efforts including penetration testing, code reviews, and security tooling integration Contribute to security compliance initiatives (FedRAMP, NIST SSDF.) through architecture documentation and control validation Leadership & Stakeholder Management Represent Product Security in technical design reviews, architecture review boards, and risk committees Serve as a security thought leader across engineering, product, and executive teams Mentor security engineers and champion security champions within development teams Build strong relationships with engineering leadership to influence security strategy and priorities Present security architecture decisions, risk trade-offs, and recommendations to senior leadership Drive cross-functional initiatives that improve security posture while maintaining development velocity Qualifications Requirements 13+ years of experience in information security with at least 5 years focused on product security, application security, or security architecture Deep expertise in secure software development lifecycle (SDLC) practices and modern development framewo ... (truncated, view full listing at source)