Principal Product Security Engineer

View full description

Requirements:

• 10+ years of experience in product/application security, security architecture, or security engineering roles, including leadership experience.
• Deep hands-on technical expertise in secure development practices, cloud-native security architectures, threat modeling, and modern application security vulnerabilities and mitigations.
• Strong experience with authentication protocols, cryptography, secrets management, and other foundational application security concepts.
• Proven track record of building and scaling effective product security programs and teams.
• Exhibits strong leadership skills and ability to set technical vision and direction.
• Strong sense of ownership, urgency, and drive.
• Analytical mindset with excellent problem-solving skills.
• Team player with strong collaboration, communication, and influencing skills.
• Comfortable diving deep into technical details while maintaining strategic perspective.
• Adaptable and embraces change and continuous learning.

Responsibilities:

• Provide strategic technical guidance to the Unchained Information Security team.
• Establish security architecture standards and promote secure design practices.
• Conduct in-depth application threat modeling and risk assessments.
• Develop and enforce secure coding guidelines, static code analysis (SAST), dynamic testing (DAST), and secure build/deploy pipelines.
• Design and oversee the implementation of robust security controls for authentication, authorization, cryptography, key management, and secrets management.
• Proactively identify and mitigate OWASP Top 10 and other application security risks.
• Collaborate with engineering teams to integrate effective security controls and testing into their SDLC.
• Manage and influence senior-level stakeholder relationships, including security technology, engineering, and operations.
• Drive innovation and strategic thinking to proactively tackle emerging security challenges at the company's scale.