Principal platform Security Software Engineer

As a Principal Platform Security Software Engineer, your role will involve leading the design and implementation of security-first software development practices across the platform. You will play a crucial part in driving Zero Trust architecture, embedding security at every layer of the software stack, and advocating secure development practices within the engineering organization. Your hands-on work will include utilizing technologies such as Ruby, NodeJS, Client-side JavaScript, Golang, and PostgreSQL, collaborating with engineering teams to ensure secure design of the platform. Key Responsibilities: - Architect and implement Zero Trust security principles across platform services and infrastructure. - Develop secure software components and libraries in Ruby, NodeJS, JavaScript, Golang, and PostgreSQL. - Define and enforce secure coding standards, threat modeling, and code review practices. - Collaborate with engineering teams to integrate security into CI/CD pipelines and development workflows. - Lead security-focused design reviews and provide guidance on secure architecture patterns. - Build tools and frameworks to automate security checks and vulnerability detection. - Partner with SREs and platform engineers to ensure runtime security and observability. - Stay current with emerging security threats, technologies, and compliance requirements. Required Qualifications: - 10+ years of software development experience with a strong focus on security. - Deep expertise in Ruby, NodeJS, JavaScript, Golang, and PostgreSQL. - Proven experience implementing Zero Trust architectures and secure service communication. - Strong understanding of application security, identity and access management, encryption, and secure APIs. - Experience with DevSecOps, including integrating security into CI/CD pipelines. - Familiarity with container security, Kubernetes, and cloud-native security practices. - Excellent communication and leadership skills, with a passion for mentoring and influencing teams. In terms of Team Culture & Collaboration, you will be part of a culture that promotes security-first thinking and shared responsibility among all engineering teams. Engineers are encouraged to challenge assumptions, propose innovative solutions, and drive change. Collaboration, transparency, and continuous learning are valued, creating a high-trust environment where your expertise shapes the future of platform security. Preferred Qualifications: - Experience with security frameworks like OWASP, NIST, or MITRE ATT&CK. - Hands-on experience with IAM, OAuth2, OIDC, and SAML. - Familiarity with security compliance standards (e.g., SOC 2, ISO 27001, HIPAA). - Contributions to open-source security tools or communities.,