We are seeking a Product Security Architect to impact our R&D processes significantly. If you have a strong technical and security background and are excited to join a fast-growing team, we’d love to meet you!
In this role, you’ll ensure our ML/AI platform remains secure while driving innovation within our research team.
As a Product Security Architect, you will:
Design secure systems and conduct threat modeling for new and existing features.
Review, identify and mitigate security risks in architecture, applications, and infrastructure levels.
Perform regular security assessments and audits to identify vulnerabilities and ensure compliance with security standards.
Develop, maintain, and audit information security policies and guidelines.
Actively influence the product and services roadmap and security implementation.
Continually improve Secure Development Lifecycle (SDLC) practices within R&D and Product units.
Integrate security best practices into CI/CD pipelines and development workflows.
Ensure the effectiveness of processes and controls to meet multiple standards, regulations, and audits, such as ISO27001, PCI-DSS, and more.
Provide guidance and mentorship to development teams on secure coding practices and security principles.
Collaborate with cross-functional teams, including developers, product managers, DevOps and more, to ensure security is integrated into all aspects of the R&D.
Communicate security risks and recommendations to technical and non-technical stakeholders effectively.
Review new tools and processes to detect security threats.
For management review, generate regular reports on security posture, vulnerabilities, and compliance status.
In this role, you’ll ensure our ML/AI platform remains secure while driving innovation within our research team.
As a Product Security Architect, you will:
Design secure systems and conduct threat modeling for new and existing features.
Review, identify and mitigate security risks in architecture, applications, and infrastructure levels.
Perform regular security assessments and audits to identify vulnerabilities and ensure compliance with security standards.
Develop, maintain, and audit information security policies and guidelines.
Actively influence the product and services roadmap and security implementation.
Continually improve Secure Development Lifecycle (SDLC) practices within R&D and Product units.
Integrate security best practices into CI/CD pipelines and development workflows.
Ensure the effectiveness of processes and controls to meet multiple standards, regulations, and audits, such as ISO27001, PCI-DSS, and more.
Provide guidance and mentorship to development teams on secure coding practices and security principles.
Collaborate with cross-functional teams, including developers, product managers, DevOps and more, to ensure security is integrated into all aspects of the R&D.
Communicate security risks and recommendations to technical and non-technical stakeholders effectively.
Review new tools and processes to detect security threats.
For management review, generate regular reports on security posture, vulnerabilities, and compliance status.
Requirements:
8+ years of experience in Information Security.
Extensive experience in designing, implementing, and managing security architectures for complex applications.
Deep understanding of application security principles, frameworks, and standards (e.g., OWASP, NIST).
Strong knowledge of authentication, authorization, encryption, and other security protocols.
Hands-on experience designing and building secure web/mobile applications, systems, or networks.
Familiarity with security methodologies and industry standards (e.g., ISO27001, PCI-DSS, GDPR).
Proficiency in secure software development practices, including Secure Software Development Life Cycle (SSDLC) and DevSecOps practices.
Experience securing Cloud environments (AWS, GCP, and/or Azure) and networks.
Ability to conduct risk assessments, threat modeling, and vulnerability assessments.
Experience in conducting security reviews, code audits, and threat modeling during the development process.
Excellent communication skills, both written and verbal, to effectively convey security concepts to technical and non-technical stakeholders.
Proven leadership skills with the ability to mentor and guide security team members.
Strong collaboration skills to work with cross-functional teams, including developers, product managers, and DevOps.
8+ years of experience in Information Security.
Extensive experience in designing, implementing, and managing security architectures for complex applications.
Deep understanding of application security principles, frameworks, and standards (e.g., OWASP, NIST).
Strong knowledge of authentication, authorization, encryption, and other security protocols.
Hands-on experience designing and building secure web/mobile applications, systems, or networks.
Familiarity with security methodologies and industry standards (e.g., ISO27001, PCI-DSS, GDPR).
Proficiency in secure software development practices, including Secure Software Development Life Cycle (SSDLC) and DevSecOps practices.
Experience securing Cloud environments (AWS, GCP, and/or Azure) and networks.
Ability to conduct risk assessments, threat modeling, and vulnerability assessments.
Experience in conducting security reviews, code audits, and threat modeling during the development process.
Excellent communication skills, both written and verbal, to effectively convey security concepts to technical and non-technical stakeholders.
Proven leadership skills with the ability to mentor and guide security team members.
Strong collaboration skills to work with cross-functional teams, including developers, product managers, and DevOps.
This position is open to all candidates.