Principal Product Security Engineer (InfoSec)

Your Career

As a Principal Product Security Engineer on the Infosec Product Security team you will be a leading technical authority and strategist responsible for architecting and spearheading security initiatives across all Palo Alto Networks products end-to-end. Youll be a pivotal leader and mentor within a deep and savvy security team setting the vision and driving the companys product security strategy. Furthermore you will be a thought leader and expert practitioner championing security engineering and innovations. You will be expected to influence and guide cross-functional executive leadership and teams in Product Management Development and DevOps/SRE to embed and advance security throughout the entire product lifecycle.

Your Impact

• Architect champion and oversee the implementation of next-gen AppSec technologies with advanced automation into complex large-scale engineering CI/CD pipelines.

• Define and lead the strategy for protecting application security throughout the life-cycle in multi-cloud environments (GCP & AWS) and on-premise solutions establishing best practices and standards.

• Pioneer and champion the development of risk-driven intelligent automation to optimize and scale SAST SCA OSS DAST Infrastructure as Code (IaC) and RASP integrations with advanced tooling and threat modeling.

• Act as a primary thought leader and evangelist driving the adoption and evolution of Secure SDLC and security best practices across the entire application lifecycle. You possess deep authoritative knowledge of security from infrastructure through application and will mentor others to effectively apply it.

• Spearhead the design implementation and continuous improvement of secure software development processes including secure coding standards advanced security testing methodologies and proactive vulnerability management programs.

• Own and elevate security reporting including driving strategic improvements in vulnerability management coordinating advanced penetration testing engagements and ensuring infrastructure compliance at a strategic level.

• Mentor and guide senior security engineers and technical leads fostering a culture of technical excellence innovation and knowledge sharing within the team and across the engineering organization.

• Develop and champion long-term product security roadmaps and strategies aligning with business objectives technological advancements and emerging threat landscapes.

• Represent Palo Alto Networks Product Security in external forums industry conferences and standard bodies contributing to the broader cybersecurity community.

Qualifications :

Your Experience 

• 10-15 years of hands-on experience in cybersecurity with 8-12 years of deep specialization in application security secure software development security review and automation at scale.

• Expert-level knowledge and proven track record of architecting implementing and scaling security tooling and best practices such as pre-commit/pre-receive hooks dependency scanning SAST OSS and advanced vulnerability management platforms.

• Demonstrated leadership in security tools benchmarking fine-tuning and strategic integration to maximize effectiveness and minimize friction.

• Extensive experience leading and maturing practices around architectural risk analysis threat modeling secure code reviews static code analysis and advanced security testing techniques to identify and remediate complex vulnerabilities in enterprise-scale software products.

• Authoritative knowledge of industry security standards and best practices (e.g. OWASP NIST ISO MITRE ATT&CK) and experience driving their adoption and adaptation.

• Expertise in designing architecting and securing large-scale integrations of AWS and/or GCP services into IAM platforms and overall cloud security posture.

• Profound expertise in microservice architecture and demonstrated leadership in defining and enforcing security best practices for APIs across complex multi-cloud environments.

• Exceptional written and oral communication skills with a proven ability to influence and present to multiple levels of leadership including executives involving both business and technical stakeholders.

• Demonstrated experience in leading complex cross-functional security initiatives setting technical direction and mentoring senior technical staff.

• Track record of innovation in product security potentially including patents publications or significant contributions to open-source security projects.

Additional Information :

The Team

Input by recruiter and audited by recruiting specialist

Compensation Disclosure

The compensation offered for this position will depend on qualifications experience and work location. For candidates who receive an offer at the posted level the starting base salary (for non-sales roles) or base salary commission target (for sales/commissioned roles) is expected to be between $162000 - $263000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.

Our Commitment

Were problem solvers that take risks and challenge cybersecuritys status quo. Its simple: we cant accomplish our mission without diverse teams innovating together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need please contact us at  .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.