Principal Security Engineer

2 days ago

San Francisco, CA, United States Ethos Life Full time
About Ethos

Ethos was built to make it faster and easier to get life insurance for the next million families. Our approach blends industry expertise, technology, and the human touch to find you the right policy to protect your loved ones.

We leverage deep technology and data science to streamline the life insurance process, making it more accessible and convenient. Using predictive analytics, we are able to transform a traditionally multi-week process into a modern digital experience for our users that can take just minutes We've issued billions in coverage each month and eliminated the traditional barriers, ushering the industry into the modern age. Our full-stack technology platform is the backbone of family financial health.

We make getting life insurance easier, faster and better for everyone.

Our investors include General Catalyst, Sequoia Capital, Accel Partners, Google Ventures, SoftBank, and the investment vehicles of Jay-Z, Kevin Durant, Robert Downey Jr and others. This year, we were named on CB Insights' Global Insurtech 50 list and BuiltIn's Top 100 Midsize Companies in San Francisco. We are scaling quickly and looking for passionate people to protect the next million families

About the role

We're seeking a Principal Security Engineer with deep expertise in cloud security, application security, and security architecture to join our growing security team. This role will report directly to CISO. In this role, you'll lead the design and implementation of scalable, secure systems across cloud platforms and modern application stacks, guiding both strategic security initiatives and day-to-day security engineering operations.

This is a high-impact role that will shape the security posture of our platforms and development practices, working across engineering, DevOps, architecture, and compliance teams.

Duties and Responsibilities:
  • Design and implement secure architectures for applications, APIs, microservices, and containerized workloads.
  • Develop and enforce application security best practices across SDLC; partner with DevOps and engineering teams to integrate security into CI/CD pipelines.
  • Conduct threat modeling, security design reviews, and risk assessments for new and existing systems.
  • Evaluate and implement cloud security tools, controls, and frameworks (e.g., CSPM, CWPP, IAM, KMS, logging, and monitoring).
  • Provide technical leadership and mentorship to security engineers, software developers, and DevOps personnel.
  • Lead response to complex security incidents or architectural flaws; conduct root cause analysis and recommend strategic remediations.
  • Contribute to and influence security policies, standards, and governance.
  • Stay current with emerging threats, vulnerabilities, and security technologies, advising stakeholders on evolving risks and mitigations.
Qualifications and Skills:
  • 10+ years of experience in security engineering or architecture roles.
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field from a reputable institution.
  • Deep expertise in cloud platforms (particularly AWS), including infrastructure-as-code (e.g., Terraform, CloudFormation).
  • Strong experience in secure software development and application security (e.g., OWASP Top 10, SAST, DAST, threat modeling).
  • Experience designing and implementing zero-trust architectures, secure API gateways, and identity/access controls.
  • Proficient in scripting or development languages (e.g., Python, Go, JavaScript) and secure coding practices.
  • Demonstrated leadership in cross-functional security initiatives and technical mentorship.
  • Ability to come into our San Francisco, CA office once a week.
Preferred Qualifications:
  • Certifications such as CISSP, CCSP, AWS Security Specialty, GIAC (GCSA, GWEB, GDSA).
  • Familiarity with Kubernetes security, service mesh, and cloud-native security tooling
  • Experience in regulated industries (e.g., fintech, healthcare, SaaS at scale).

#LI-Hybrid #LI-JA1

The US national base salary range for this full-time position is $136,000 - $241,000. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include applicable bonus, equity, or benefits.

You can find further details of our US benefits at https://www.ethoslife.com/careers/

Don't meet every single requirement? If you're excited about this role but your past experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. At Ethos we are dedicated to building a diverse, inclusive and authentic workplace.

We are an equal opportunity employer who values diversity and inclusion and look for applicants who understand, embrace and thrive in a multicultural world. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Pursuant to the SF Fair Chance Ordinance, we will consider employment for qualified applicants with arrests and conviction records.

To learn more about what information we collect and how it may be used, please refer to our California Candidate Privacy Notice.

  • Staff Frontend Engineer

    2 weeks ago

    San Francisco, CA, United States Cogent Security Full time

    About the Role Cogent Security is redefining how AI can proactively defend organizations against evolving threats. As a Staff Frontend Engineer, you will own the frontend platform and experience that enables customers to visualize, understand, and act on complex security data with confidence. This is a Staff+ caliber role: you've operated at least at Staff,...

  • Product Security Principal

    2 weeks ago

    San Francisco, CA, United States Salesforce.Com Inc Full time

    To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job Category Product Job Details About Salesforce Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a...

  • Product Security Principal

    1 week ago

    San Francisco, CA, United States Salesforce.Com Inc Full time

    To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job Category Product Job Details About Salesforce Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a...

  • Principal Vulnerability Engineer

    2 weeks ago

    San Francisco, CA, United States Kandji Full time

    Principal Vulnerability Engineer San Francisco / Engineering / Full-Time / On-site About Kandji Kandji is the Apple Device Management and Security Platform. Kandji empowers companies to manage and secure Apple devices in the enterprise and at scale. By centrally securing and managing Mac, iPhone, iPad, and Apple TV devices, IT and InfoSec teams can save...

  • Principal Security Engineer, ANZ based with relocation support

    1 day ago

    San Francisco, CA, United States Canva Full time

    Company DescriptionJoin the team redefining how the world experiences design. Hey, g'day, mabuhay, kia ora, 你好, hallo, vítejte! Thanks for stopping by. We know job hunting can be a little time consuming and you're probably keen to find out what's on offer, so we'll get straight to the point. Where and how you can work Our flagship campus is in Sydney,...

  • Cyber Security Engineer, Principal

    1 week ago

    San Diego, CA, United States Qualcomm Full time

    Company: Qualcomm Incorporated Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: The Qualcomm AI Cybersecurity Team is dedicated to protecting the company's use of Artificial Intelligence (AI), defending against AI-driven attacks, and augmenting security capabilities with AI-powered innovation....

  • Cyber Security Engineer, Principal

    7 days ago

    San Diego, CA, United States Qualcomm Full time

    Company: Qualcomm Incorporated Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: The Qualcomm AI Cybersecurity Team is dedicated to protecting the company's use of Artificial Intelligence (AI), defending against AI-driven attacks, and augmenting security capabilities with AI-powered innovation....

  • Cyber Security Engineer, Principal

    1 week ago

    San Diego, CA, United States Qualcomm Full time

    Company: Qualcomm Incorporated Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: The Qualcomm AI Cybersecurity Team is dedicated to protecting the company's use of Artificial Intelligence (AI), defending against AI-driven attacks, and augmenting security capabilities with AI-powered innovation....

  • Cyber Security Engineer, Principal

    6 days ago

    San Diego, CA, United States Qualcomm Full time

    Company: Qualcomm Incorporated Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: The Qualcomm AI Cybersecurity Team is dedicated to protecting the company's use of Artificial Intelligence (AI), defending against AI-driven attacks, and augmenting security capabilities with AI-powered innovation....

  • Cyber Security Engineer, Principal

    2 days ago

    San Diego, CA, United States Qualcomm Full time

    Company: Qualcomm Incorporated Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: The Qualcomm AI Cybersecurity Team is dedicated to protecting the company's use of Artificial Intelligence (AI), defending against AI-driven attacks, and augmenting security capabilities with AI-powered innovation....