Principal Architect, Product Security

Principal Architect, Product Security

At Infoblox, every breakthrough begins with a bold "what if." What if your ideas could ignite global innovation? What if your curiosity could redefine the future? We invite you to step into the next exciting chapter of your career journey. Bring your creativity, drive, your daring spirit, and feel what it's like to thrive on a team big enough to make an impact, yet small enough to make a difference. Our cloud-first networking and security solutions already protect 70% of the Fortune 500, and we're looking for creative thinkers ready to push that influence even further. Join us and discover how far your bold "what if" can take the world, your community, and your career.

Here, how we empower our people is extraordinary: Glassdoor Best Places to Work 2025, Great Place to Work-Certified in five countries, and Cigna Healthy Workforce honors three years running—and what we build is world-class: recognized as CybersecAsia's Best in Critical Infrastructure 2024—evidence that when first-class technology meets empowered talent, remarkable careers take shape. So, what if the next big idea, and the next great career story, comes from you? Become the force that turns every "what if" into "what's next".

In a world where you can be anything, Be Infoblox.

We have an opportunity for a Principal Architect to join our Architecture team in Tacoma, WA, Austin, TX or Atlanta, GA, reporting to the Vice President of Architecture. In this role, you will play a vital part in shaping and governing product security architecture across our products and platforms. You will work as part of an extended architecture team alongside product engineering, cloud platform, and security stakeholders to identify security gaps, define security architecture standards, and drive adoption of industry-leading practices including secure-by-design controls for cloud-native and AI-driven architectures. You will define security architecture standards and governance for our products and platforms, including the secure adoption of AI-enabled tooling and automation across engineering workflows.

You are the ideal candidate if you are a security thought leader who enjoys identifying gaps and designing corrective measures in collaboration with key stakeholders.

Be a Contributor — What You'll Do

• Serve as the security architecture authority within the architecture organization, partnering with product architects, principal engineers, cloud partners (AWS, Azure, GCP, OCI), and business leaders to embed secure-by-design principles into hardware appliances, multi-tenant SaaS platforms, and globally distributed cloud infrastructure.
• Architect end-to-end security controls and trust boundaries across hybrid infrastructure—firmware and appliance platforms (TPM, secure boot, supply chain), Kubernetes-based microservices, APIs, control-plane services, and multi-cloud SaaS environments with high availability and resilience.
• Lead the creation and enforcement of security reference architectures and reusable design patterns, covering Zero Trust, confidential computing, data protection, SBOM/SLSA-based supply chain integrity, workload identity, runtime security (eBPF), and API authn/authz protections.
• Drive and institutionalize architectural threat modeling (STRIDE, PASTA, attack trees, misuse cases) at the feature, platform, and system levels—directly shaping secure designs before code is written.
• Architect secure implementations of DNS, DHCP, IPAM (DDI) and high-scale network-centric services, ensuring resilience to poisoning, tunneling, spoofing, DDoS, query amplification, misconfiguration, and protocol misuse.
• Define and integrate security control points throughout CI/CD and platform engineering workflows, using Policy-as-Code, IaC scanning, security validation hooks, attestation requirements, and automated enforcement at deployment gates.
• Design, build, and scale security automation and orchestration capabilities using Python/Go, serverless, event-driven frameworks, OPA/Kyverno, and CI/CD integrations to reduce manual toil and accelerate secure delivery.
• Lead and influence architecture reviews and governance forums, shaping long-term technical roadmaps and product direction to meet security and reliability objectives.
• Drive adoption of CNAPP, CWPP, WAF, service mesh security, API gateways, SIEM/SOAR, and cloud-native telemetry for protective monitoring, runtime defense, and incident-ready detection.
• Translate regulatory and compliance requirements (FedRAMP, SOC2, ISO 27001, NIST SP 800-53, CSA CCM, SOX) into actionable, measurable, and auditable security architecture control objectives—shifting from audit-driven to architecture-driven alignment.
• Act as a security culture amplifier, mentoring architects and senior engineers, building a broader security-minded engineering community, and elevating the technical bar across the organization.

Be Prepared — What You Bring

• 15 plus years of Security Engineering and Architecture experience, including principal- or architect-level leadership designing secure SaaS, appliance-based, or cloud-native platforms at global scale.
• Proven ability to architect secure multi-cloud (AWS, GCP, Azure, OCI) platforms, including identity federation, VPC/network isolation, workload identity, secrets lifecycle, and secure control-plane design.
• Deep expertise in securing:
  • Container and Kubernetes ecosystems (EKS, GKE, AKS, Istio, Envoy, Pod Security, eBPF, runtime protection)
  • Infrastructure-as-Code and platform engineering workflows (Terraform, Helm, CloudFormation, Kustomize, Pulumi)
  • Protocol-heavy systems (DNS, DHCP, IPAM / DDI architecture, control-plane security, service segmentation, and abuse prevention)
• Advanced knowledge of secure architecture patterns, including Zero Trust, secure edge computing, secure boot, TPM, firmware integrity, remote attestation, confidential computing, and supply chain integrity (SBOM, SLSA, SCVS).
• Strong track record of architecting and implementing security automation, using language fluency in Python, Go, Rust, or Shell to build scalable tools, runtime validation frameworks, and detection/response integrations.
• Demonstrated experience translating compliance frameworks (FedRAMP High, SOC2, NIST 800-53, ISO 27001, SOX, CSA CCM) into engineering-enforceable technical control architectures.
• Hands-on experience conducting and leading:
  • Threat modeling (STRIDE, PASTA, attack trees, misuse cases)
  • Secure code reviews (Python, Go, Rust, C/C++, Lua, Shell)
  • API and microservice security reviews (OAuth2/OIDC, mTLS, JWT, ABAC/RBAC)
• Experience defining and leading security capability roadmaps, influencing long-term strategy for platform hardening, secure edge architecture, supply chain resilience, and incident-driven control improvements.
• Strong communication and influence skills—capable of evangelizing secure architecture to VP-level business leaders, product strategists, and engineering leaders.
• Relevant certifications desirable (AWS Security Specialty, CISSP-ISSAP, GIAC-GDSA/GCSA, CCSP, OSCP), but hands-on architectural experience outweighs certifications.

Be Successful — Your Path

First 90 Days: Immerse in our culture, connect with mentors (Blox Buddies), and map the systems and meet with key stakeholders that rely on your work. Discuss and create short/long term goals.

Six Months: Gain a comprehensive understanding of our product ecosystem and its security needs, establish strong relationships with key stakeholders across teams, and identify and propose enhancements for security automation in our infrastructure.

One Year: Become a trusted advisor within the organization, recognized for leading secure product design initiatives, assist in the design of a comprehensive security architecture roadmap and ensure IT SOC processes are in alignment with product security objectives.

Belong— Your Community

Our culture thrives on inclusion, rewarding the bold ideas, curiosity, and creativity that move us forward. In a community where every voice counts, continuous learning is the norm. So, whether you code, create, sell, or care for customers, you'll grow and belong here.

Be Rewarded — Benefits That Help You Grow, Thrive, Belong

• Comprehensive health coverage, generous PTO, and flexible work options
• Learning opportunities, career-mobility programs, and leadership workshops
• Sixteen paid volunteer hours each year, global employee resource groups, and a "No Jerks" policy that keeps collaboration healthy
• Modern offices with EV charging