REMOTE Security Architect

Product Security Architect Position Overview
We are seeking an experienced Product Security Architect to join our Security Center of Excellence team and lead security initiatives across our cloud-based SaaS product portfolio. The ideal candidate will work at the intersection of security, development, and product design to create robust, secure solutions that protect our customers and their data.
Design and implement comprehensive security architectures for cloud-based SaaS products, ensuring security is embedded throughout the product lifecycle
Perform in-depth security assessments of products at the code, configuration, and architectural levels
Identify security vulnerabilities, weaknesses, and gaps in existing and proposed product implementations
Conduct code reviews with a focus on security, analyzing Java, Python, and React codebases for security flaws
Evaluate third-party integrations, APIs, and dependencies for security risks
Partner closely with development teams to integrate security controls and best practices into the software development lifecycle
Cloud & Infrastructure Security
Design and implement security controls for cloud infrastructure and services (AWS, Azure, GCP)
Architect and implement IAM strategies including role-based access control (RBAC), attribute-based access control (ABAC), least privilege principles, and identity federation
Design secure network architectures including VPCs, security groups, network ACLs, microsegmentation, and zero-trust network access
Establish cloud configuration security standards and guardrails to prevent misconfigurations and ensure secure-by-default deployments
Ensure proper implementation of cloud security best practices including data encryption (at rest and in transit), secrets management, and compliance
Monitor and respond to emerging cloud security threats and vulnerabilities
Establish and maintain security standards, policies, and procedures aligned with industry frameworks
8+ years of experience in information security, with at least 5 years specifically in product security architecture
~ Proven track record as a Product Security Architect in a SaaS or cloud-based company
~ Strong background working collaboratively with development and QE teams in agile environments

Deep understanding of secure coding practices and common vulnerability patterns (OWASP Top 10, CWE/SANS Top 25)
Proficiency in code-level security analysis across multiple languages, particularly Java, Python, and React/JavaScript
Strong knowledge of cloud security architectures and services (AWS, Azure, or GCP)
Expert-level knowledge of IAM principles and implementation including multi-factor authentication, single sign-on, privileged access management, service accounts, and identity lifecycle management
Deep understanding of network security including firewalls, IDS/IPS, VPN, TLS/SSL, DDoS protection, API gateways, and secure network segmentation
Extensive experience with cloud configuration security including infrastructure-as-code security, cloud security posture management, configuration drift detection, and automated compliance checking
CISSP (Certified Information Systems Security Professional) required
Cloud security: CCSP, AWS Certified Security Specialty, Azure Security Engineer, Google Cloud Professional Security Engineer
Penetration testing: Network security: Experience with Infrastructure as Code (Terraform, CloudFormation) and security policy as code
Knowledge of zero-trust architecture principles and implementation
Background in software development or engineering
Experience with regulatory compliance frameworks and security audits
Published security research, conference presentations, or contributions to open-source security projects
Master's degree in Computer Science, Cybersecurity, or related field
Programming & Scripting:
Java (enterprise application security)
Python (security automation, scripting)
JavaScript/React (frontend security)
Additional languages a plus (Go, Rust, C/C++)
Security Tools & Platforms:
Vulnerability scanners and penetration testing tools
Security information and event management (SIEM) platforms
Cloud security posture management (CSPM) tools
Cloud Platforms & Configuration:
AWS, Azure, or Google Cloud Platform
IAM services (AWS IAM, Azure AD, GCP IAM, identity federation)
Network security services (VPC, Security Groups, Network ACLs, WAF, Cloud Firewall)
Cloud configuration management and security scanning tools
Cloud-native security services and controls (GuardDuty, Security Hub, Azure Defender, Security Command Center)
Secrets management (AWS Secrets Manager, Azure Key Vault, HashiCorp Vault)
Development & DevOps:
CI/CD pipelines and security integration
Agile/Scrum methodologies
Personal Attributes
Pragmatic approach to balancing security with business needs and user experience
Opportunity to shape security architecture for cutting-edge Cybersecurity SaaS products
Professional development and growth opportunities
We are an equal opportunity employer and value diversity in our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.