Talent.com
Product Security Architect
Product Security ArchitectAthena • Palo Alto, CA, United States
No longer accepting applications
Product Security Architect

Product Security Architect

Athena • Palo Alto, CA, United States
6 days ago
Job type
  • Full-time
Job description

Product Security Architect

Position Overview

We are seeking an experienced Product Security Architect to join our Security Center of Excellence team and lead security initiatives across our cloud-based SaaS product portfolio. This role requires a unique blend of deep technical expertise, architectural vision, and collaborative leadership to ensure our products are built with security at their core. The ideal candidate will work at the intersection of security, development, and product design to create robust, secure solutions that protect our customers and their data.

Key Responsibilities

Security Architecture & Design

  • Design and implement comprehensive security architectures for cloud-based SaaS products, ensuring security is embedded throughout the product lifecycle
  • Conduct thorough threat modeling exercises for new and existing product features, identifying potential vulnerabilities and attack vectors
  • Define security requirements, patterns, and best practices for product development teams
  • Review and approve architectural designs from a security perspective, providing actionable guidance and recommendations

Product Security Assessment

  • Perform in-depth security assessments of products at the code, configuration, and architectural levels
  • Identify security vulnerabilities, weaknesses, and gaps in existing and proposed product implementations
  • Conduct code reviews with a focus on security, analyzing Java, Python, and React codebases for security flaws
  • Evaluate third-party integrations, APIs, and dependencies for security risks

    • Collaboration & Enablement

  • Partner closely with development teams to integrate security controls and best practices into the software development lifecycle
  • Work with QE teams to develop security test strategies, including penetration testing, vulnerability scanning, and security automation
  • Provide security guidance and mentorship to engineering teams, fostering a security-first culture
  • Translate complex security concepts into clear, actionable recommendations for technical and non-technicaål stakeholders

    • Cloud & Infrastructure Security

  • Design and implement security controls for cloud infrastructure and services (AWS, Azure, GCP)
  • Architect and implement IAM strategies including role-based access control (RBAC), attribute-based access control (ABAC), least privilege principles, and identity federation
  • Design secure network architectures including VPCs, security groups, network ACLs, microsegmentation, and zero-trust network access
  • Establish cloud configuration security standards and guardrails to prevent misconfigurations and ensure secure-by-default deployments
  • Ensure proper implementation of cloud security best practices including data encryption (at rest and in transit), secrets management, and compliance
  • Monitor and respond to emerging cloud security threats and vulnerabilities

    • Security Standards & Compliance

  • Establish and maintain security standards, policies, and procedures aligned with industry frameworks
  • Support compliance efforts including SOC 2, ISO 27001, GDPR, and other relevant standards
  • Stay current with evolving security threats, vulnerabilities, and industry best practices

    • Required Qualifications

    Experience

  • 8+ years of experience in information security, with at least 5 years specifically in product security architecture
  • Proven track record as a Product Security Architect in a SaaS or cloud-based company
  • Extensive experience with threat modeling methodologies (STRIDE, PASTA, or similar)
  • Hands-on experience identifying and remediating security vulnerabilities in production environments
  • Strong background working collaboratively with development and QE teams in agile environments

    • Technical Expertise

  • Deep understanding of secure coding practices and common vulnerability patterns (OWASP Top 10, CWE / SANS Top 25)
  • Proficiency in code-level security analysis across multiple languages, particularly Java, Python, and React / JavaScript
  • Strong knowledge of cloud security architectures and services (AWS, Azure, or GCP)
  • Expert-level knowledge of IAM principles and implementation including multi-factor authentication, single sign-on, privileged access management, service accounts, and identity lifecycle management
  • Deep understanding of network security including firewalls, IDS / IPS, VPN, TLS / SSL, DDoS protection, API gateways, and secure network segmentation
  • Extensive experience with cloud configuration security including infrastructure-as-code security, cloud security posture management, configuration drift detection, and automated compliance checking
  • Experience with authentication and authorization frameworks (OAuth 2.0, OpenID Connect, SAML, JWT, RBAC, ABAC)
  • Understanding of containerization and orchestration security (Docker, Kubernetes)
  • Knowledge of API security, microservices architecture, and distributed systems security
  • Familiarity with DevSecOps practices and security automation tools (SAST, DAST, SCA)

    • Certifications

  • CISSP (Certified Information Systems Security Professional) required
  • Additional relevant certifications valued :
  • Cloud security : CCSP, AWS Certified Security Specialty, Azure Security Engineer, Google Cloud Professional Security Engineer
  • Security architecture : CSSLP, SABSA
  • Penetration testing : CEH, OSCP, GPEN
  • Network security : CCNP Security, GIAC certifications

    • Preferred Qualifications

  • Experience with Infrastructure as Code (Terraform, CloudFormation) and security policy as code
  • Knowledge of zero-trust architecture principles and implementation
  • Experience with security incident response and vulnerability management programs
  • Background in software development or engineering
  • Experience with regulatory compliance frameworks and security audits
  • Published security research, conference presentations, or contributions to open-source security projects
  • Master's degree in Computer Science, Cybersecurity, or related field

    • Technical Skills

    Programming & Scripting :

  • Java (enterprise application security)
  • Python (security automation, scripting)
  • JavaScript / React (frontend security)
  • Additional languages a plus (Go, Rust, C / C++)

    • Security Tools & Platforms :

  • SAST / DAST tools (Checkmarx, Fortify, Veracode, etc.)
  • Vulnerability scanners and penetration testing tools
  • Security information and event management (SIEM) platforms
  • Cloud security posture management (CSPM) tools

    • Cloud Platforms & Configuration :

  • AWS, Azure, or Google Cloud Platform
  • IAM services (AWS IAM, Azure AD, GCP IAM, identity federation)
  • Network security services (VPC, Security Groups, Network ACLs, WAF, Cloud Firewall)
  • Cloud configuration management and security scanning tools
  • Cloud-native security services and controls (GuardDuty, Security Hub, Azure Defender, Security Command Center)
  • Secrets management (AWS Secrets Manager, Azure Key Vault, HashiCorp Vault)
  • Serverless architecture security

    • Development & DevOps :

  • CI / CD pipelines and security integration
  • Version control systems (Git)
  • Containerization and orchestration
  • Agile / Scrum methodologies

    • Personal Attributes

  • Strong analytical and problem-solving skills with attention to detail
  • Excellent communication skills with the ability to influence and educate diverse audiences
  • Self-motivated with the ability to work independently and as part of a team
  • Passionate about security and staying ahead of emerging threats
  • Pragmatic approach to balancing security with business needs and user experience

    • What We Offer

  • Opportunity to shape security architecture for cutting-edge Cybersecurity SaaS products
  • Collaborative environment with highly talented engineering teams
  • Professional development and growth opportunities
  • Competitive compensation and benefits package

    • We are an equal opportunity employer and value diversity in our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

    Create a job alert for this search

    Security Architect • Palo Alto, CA, United States

    Related jobs
    Senior Product Manager, Enterprise Mobility Security & AI

    Senior Product Manager, Enterprise Mobility Security & AI

    Samsung Electronics GmbH • Mountain View, California, United States
    Full-time
    Senior Product Manager, Enterprise Mobility Security & AI.Senior Product Manager, Enterprise Mobility Security & AI Job Location. Mountain View, CA Job Category.Mobile Platform and Solutions Job Typ...Show more
    Last updated: 3 days ago • Promoted
    Product Security Engineer, Cryptography & PKI

    Product Security Engineer, Cryptography & PKI

    1X Technologies AS • Palo Alto, CA, United States
    Full-time
    We're an AI and robotics company based in Palo Alto, California, on a mission to build a truly abundant society through general-purpose robots capable of performing any kind of work autonomously.We...Show more
    Last updated: 30+ days ago • Promoted
    Security Architect

    Security Architect

    Applied Intuition • Mountain View, CA, United States
    Full-time
    Applied Intuition is the vehicle intelligence company that accelerates the global adoption of safe, AI-driven machines.Founded in 2017 and now valued at $15 billion following its recent Series F fu...Show more
    Last updated: 30+ days ago • Promoted
    Databricks Enterprise Lead Security Architect -Principal IT Software Engineer

    Databricks Enterprise Lead Security Architect -Principal IT Software Engineer

    Databricks • Mountain View, CA, United States
    Full-time
    Databricks Enterprise Lead Security Architect - Principal IT Software Engineer.Join Databricks as a Lead Security Architect and influence the company’s security strategy across multi‑cloud platform...Show more
    Last updated: 30+ days ago • Promoted
    Product Security Architect

    Product Security Architect

    Athena • Palo Alto, CA, US
    Full-time
    Security Center of Excellence team and lead security initiatives across our cloud-based SaaS product portfolio.This role requires a unique blend of deep technical expertise, architectural vision, a...Show more
    Last updated: 17 days ago • Promoted
    Remote Software Architect : Scalable SaaS & Security

    Remote Software Architect : Scalable SaaS & Security

    F5 Networks, Inc. • San Jose, CA, United States
    Remote
    Full-time
    A leading tech company in San Jose is seeking a Software Architect to design and evolve scalable SaaS services.The role includes mentoring engineers, ensuring security compliance, and collaborating...Show more
    Last updated: 5 days ago • Promoted
    IT Security Architect

    IT Security Architect

    NSR S.r.L. • Palo Alto, CA, United States
    Full-time
    NSR implements ICT projects by offering innovative solutions, leveraging specialized technical, organizational, and methodological expertise in IT project management, particularly in system mainten...Show more
    Last updated: 5 days ago • Promoted
    Senior Security Architect

    Senior Security Architect

    TradeJobsWorkForce • 95126 San Jose, CA, US
    Full-time
    Senior Security Architect Job Duties : Enhances security team accomplishments and competence by planning deliv...Show more
    Last updated: 30+ days ago • Promoted
    Director, Product Management (AI Runtime Security)

    Director, Product Management (AI Runtime Security)

    Palo Alto Networks, Inc. • Santa Clara, CA, United States
    Full-time
    At Palo Alto Networks® everything starts and ends with our mission : .Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and m...Show more
    Last updated: 28 days ago • Promoted
    Security Architect

    Security Architect

    TWO95 International • San Jose, CA, United States
    Temporary
    Duration : 6-9 Months Contract to Hire.Define security requirements and checklist for IoT platforms.Champion the Client’s product security SDLC. This includes threat modeling, security testing, penet...Show more
    Last updated: 30+ days ago • Promoted
    Security Architecture Lead

    Security Architecture Lead

    Crossbar Inc. • Santa Clara, CA, United States
    Full-time
    Job Title : Security Architecture Lead.ARM M-series and Risc-V CPUs with peripherals including advance security accelerators and countermeasures. We are seeking a Security Architecture Lead to join o...Show more
    Last updated: 23 days ago • Promoted
    Cyber Security Architect.

    Cyber Security Architect.

    United Software Group • Sunnyvale, CA, United States
    Full-time
    Ohio based fast growing multi-national IT & Engineering Consulting Company, serving its Clients from last 20 years having staff strength of 2500 in 17 offices globally, operating across 8 countries...Show more
    Last updated: 20 days ago • Promoted
    Databricks Enterprise Lead Security Architect - Principal IT Software Engineer

    Databricks Enterprise Lead Security Architect - Principal IT Software Engineer

    Databricks Inc. • Mountain View, CA, United States
    Full-time
    We are looking for a highly skilled, technology and business-savvy Lead Security Architect to join our team within Databricks IT. In this dynamic, fast-paced environment, you will be responsible for...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Architect

    Senior Security Architect

    Bloom Energy • San Jose, CA, United States
    Full-time
    At Bloom Energy, our vision for a world powered by clean, reliable, and affordable energy is more than just a dream-we're making it reality. For over two decades, we've been at the forefront of the ...Show more
    Last updated: 7 days ago • Promoted
    Product Security - AI DevOps Engineer - Global Security Organisation

    Product Security - AI DevOps Engineer - Global Security Organisation

    TikTok • San Jose, CA, United States
    Full-time
    Product Security - AI DevOps Engineer - Global Security Organisation.The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and...Show more
    Last updated: 17 days ago • Promoted
    Principal Product Security Engineer (InfoSec)

    Principal Product Security Engineer (InfoSec)

    Elastic • Mountain View, CA, United States
    Full-time
    A leading technology company in Mountain View, California, is seeking a Principal Product Security Engineer to safeguard its innovative products. This role involves acting as an advisor to engineeri...Show more
    Last updated: 6 days ago • Promoted
    Security Architect - TikTok Account

    Security Architect - TikTok Account

    Tik Tok • San Jose, CA, United States
    Full-time
    We are the TikTok Account Team, responsible for the account system of all TikTok brand products.We are currently seeking an Account Security Technical Architect to join our team.Here, there are glo...Show more
    Last updated: 23 days ago • Promoted
    Senior SoC Security Architect

    Senior SoC Security Architect

    Advanced Micro Devices, Inc. • San Jose, CA, United States
    Full-time
    WHAT YOU DO AT AMD CHANGES EVERYTHING.At AMD, our mission is to build great products that accelerate next-generation computing experiences-from AI and data centers, to PCs, gaming and embedded syst...Show more
    Last updated: 30+ days ago • Promoted