Principal, Security Architect

Principal, Security Architect page is loaded## Principal, Security Architectlocations: US Remotetime type: Full timeposted on: Posted Todayjob requisition id: JR114236## We are looking for a visionary Principal Security Architect to serve as the master designer of our digital defense spanning disciplines of Product Security, Corporate Security, and Risk Management. You will balance cutting-edge innovation with uncompromising protection, ensuring our infrastructure is resilient by design rather than by reaction. You will lead security architecture efforts for flagship customer-facing initiatives and partner closely with technical and business leaders to make a lasting impact. By integrating with delivery teams as a Subject Matter Expert, you will provide detailed consultation to ensure software solutions are secure, scalable, and adhere to industry-leading security standards.## ## **What You’ll Do:*** ## Architect and Enforce Secure Cloud Native Guardrails* ## Security as Code and Platform Guardrails: Design and implement enforceable security controls directly into Infrastructure as Code, CI CD pipelines, and cloud control planes. Define reusable, opinionated reference patterns that bake in least privilege IAM, secure defaults, encryption standards, workload identity, network segmentation, and tenant isolation across AWS, Azure, or GCP. Ensure guardrails are preventative by default rather than detective after deployment.* ## Secure SaaS Architecture and Isolation: Own and evolve security reference architectures for multi tenant customer facing platforms, including API security, strong service to service authentication, authorization boundaries, secrets management, and blast radius containment. Embed data level protections and isolation controls that scale with product growth.* ## Automated Architecture Assurance: Institutionalize automated architecture reviews through policy as code, static analysis, and runtime controls that continuously validate alignment with Zero Trust principles, regulatory requirements, and internal security standards. Replace manual review bottlenecks with scalable, measurable security enforcement.* ## Design and Modernize Corporate Security Controls* ## Workforce Identity and Just in Time Access: Design and implement modern workforce identity architecture grounded in Zero Trust principles. Develop and mature just in time and just enough access strategies across SaaS applications, cloud administration, and internal systems. Reduce standing privilege through automated provisioning, strong authentication, device trust, and continuous access evaluation.* ## Endpoint and Device Security Strategy: Evaluate, test, and recommend endpoint detection, response, and hardening controls across macOS, Windows, and mobile platforms. Define secure configuration baselines, telemetry standards, and device posture requirements that meaningfully reduce lateral movement and credential theft risk. Continuously assess control efficacy through validation testing and measurable risk reduction.* ## Security Orchestration and Automation: Identify and implement automation opportunities across identity, endpoint, and security operations workflows. Architect integrations between IAM, EDR, MDM, SIEM, and ticketing platforms to eliminate manual processes, accelerate containment, and improve signal to noise. Drive security as code and event driven enforcement across corporate systems.* ## Control Assurance and Continuous Improvement: Establish mechanisms to test and validate corporate security controls through simulation, access reviews, configuration audits, and adversary emulation. Translate findings into architectural improvements that harden the enterprise environment while maintaining workforce productivity.* ## Strategic Advisory and Governance* ## Executive Consultancy: Act as the primary security consultant for executive leadership, translating complex cyber threats, regulatory requirements, and risk posture into actionable architectural guidance.* ## Risk-Based Trade-offs: Lead risk-based trade-off discussions regarding security, privacy, usability, and delivery, documenting key decisions and rationale to help teams move quickly and consistently. Actively engage in governance processes to ensure compliance with regulations such as PCI DSS, CCPA, SOC2, ISO 27001, ISO 27701, and ISO 42001.* ## Secure and Advance AI Across the Enterprise* ## Product AI Security: Design and review secure architectures for AI enabled product capabilities, including LLM workflows, RAG pipelines, agentic systems, and Model Context Protocol integrations. Define rigorous guardrails for tenant isolation, data ingestion, tool permissions, sensitive data handling, prompt safety, authorization boundaries, output controls, and auditability.* ## Corporate AI Governance: Partner with IT, Legal, Data, and Engineering leaders to implement controls for internal AI usage and third party AI services. Establish lifecycle governance for model selection, validation, monitoring, and retirement aligned with emerging standards and regulation. Prevent sensitive data leakage, manage vendor risk, and enforce privacy, compliance, and intellectual property protections.* ## AI Driven Security and Emerging Technology: Leverage AI to enhance detection, response, and secure development workflows while mitigating risks such as prompt injection, model abuse, adversarial manipulation, and model poisoning. Evaluate and guide adoption of emerging technologies to ensure long term resilience against sophisticated threat actors.## What You’ll Bring:* ## Experience: 12+ years of experience in senior technical roles with 5+ years focused on Security Architecture. Demonstrated leadership at the enterprise or divisional level, and a strong background in software engineering, product security, and/or enterprise architecture.* ## Architectural Mastery: Deep experience with security frameworks (NIST, ISO 27001, SOC2) and comprehensive knowledge of cloud-native security across Azure and/or AWS.* ## Systems Thinking: The ability to see the "big picture," understanding how changes in identity management or network design impact the global data footprint. Expertise in modern authentication protocols like OAuth 2.0, OpenID Connect, and SAML 2.0.* ## Technical Depth: Hands-on proficiency in secure network design, IAM, encryption standards, container security (e.g., Kubernetes), and CI/CD plus IaC guardrails.* ## AI-Native Behavior: You actively use AI today and can clearly articulate where it helps, where it introduces risk, and the necessary guardrails you apply. You understand the implications of Non-Human Identity and management strategies to reduce risk.,## * ## Measurable Impact: You will have a track record of driving security-focused initiatives that unify technical security, enterprise architecture, application architecture, and business outcomes. You will empower business units to achieve their strategic goals with confidence while minimizing risk.* ## Cross-Functional Ownership: You will have the autonomy to partner with engineering, product, and compliance teams, leveraging your strong collaboration skills to challenge ideas respectfully, mentor others, and influence without direct authority.* ## Inclusive Culture: We value diverse perspectives and ensure every voice is heard. We are committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission.**Be Human With Us:**Being human isn’t about checking every box on a list. It’s about the experiences we have, people we meet, and the perspectives we share. So, if you have the skills but are hesitant to apply because of your background, apply anyway. We need amazing people like you to help us challenge the conventional and think differently about the problems that we’re solving. We’re in this together. Come be human, with #J-18808-Ljbffr ServiceTitan, Inc.