Principal platform Security Software Engineer

We are looking for a Principal Platform Security Software Engineer to lead the design and implementation of security-first software development practices across our platform. This role is pivotal in driving Zero Trust architecture, embedding security into every layer of our software stack, and evangelizing secure development practices across the engineering organization. You will work hands-on with technologies including Ruby, NodeJS, Client-side JavaScript, Golang, and PostgreSQL, while collaborating with engineering teams to ensure our platform is secure by design.

• Architect and implement Zero Trust security principles across platform services and infrastructure.


• Develop secure software components and libraries in Ruby, NodeJS, JavaScript, Golang, and PostgreSQL.


• Define and enforce secure coding standards, threat modeling, and code review practices.


• Collaborate with engineering teams to integrate security into CI/CD pipelines and development workflows.


• Lead security-focused design reviews and provide guidance on secure architecture patterns.


• Build tools and frameworks to automate security checks and vulnerability detection.


• Partner with SREs and platform engineers to ensure runtime security and observability.


• Stay current with emerging security threats, technologies, and compliance requirements.

• 10+ years of software development experience with a strong focus on security.


• Deep expertise in Ruby, NodeJS, JavaScript, Golang, and PostgreSQL.


• Proven experience implementing Zero Trust architectures and secure service communication.


• Strong understanding of application security, identity and access management, encryption, and secure APIs.


• Experience with DevSecOps, including integrating security into CI/CD pipelines.


• Familiarity with container security, Kubernetes, and cloud-native security practices.


• Excellent communication and leadership skills, with a passion for mentoring and influencing teams.

• We promote a culture of security-first thinking and shared responsibility across all engineering teams.


• Engineers are empowered to challenge assumptions, propose innovative solutions, and drive change.


• We value collaboration, transparency, and continuous learning.


• You ll work in a high-trust environment where your expertise shapes the future of platform security.

• Experience with security frameworks like OWASP, NIST, or MITRE ATT&CK.


• Hands-on experience with IAM, OAuth2, OIDC, and SAML.


• Familiarity with security compliance standards (e.g., SOC 2, ISO 27001, HIPAA).


• Contributions to open-source security tools or communities.