Principal Product Security Engineer

Job Title: Principal Product Security Engineer Cryptographic Architect

Red Hats products form the foundation of the enterprise IT landscape and the trust in those products is built on cryptography. As the cryptographic landscape faces its greatest shift in a generationthe transition to Post-Quantum Cryptography (PQC)Red Hat is building out our portfolio team to govern our cryptographic future.

We are forming a Portfolio Crypto Team a strategic partnership between Product Security and RHEL Security. As a Principal Product Security Engineer you will be the strategic leader for this team acting as the chief architect for Red Hats portfolio-wide cryptographic strategy and policy.

Your mission is to ensure Red Hats portfolio remains secure compliant and agile in the face of evolving cryptographic threats. You will act as an expert across a group of projects steer collaboration across products and have a visible business impact by defining the long-term technical strategy for cryptography at Red Hat.

What You Will Do:

• Act as a Strategic Influencer and SME:

  • Serve as Red Hats senior subject matter expert (SME) on cryptographic strategy influencing and contributing to upstream communities (e.g. Go python) and standards bodies (IETF).

  • Consult with senior leadership and product architects to resolve complex cross-portfolio dependencies and ensure strategic alignment.

• Architect and Govern Portfolio-Wide Cryptographic Policy:

  • Own and evolve the Portfolios formal cryptographic policy defining the standards for algorithm use key lengths and protocol implementation across all products.

  • Serve as the central authority for cryptographic compliance strategy working with the Product teams and Business Unit leaders to align engineering efforts with government and regulatory requirements.

  • Lead the strategic response to future cryptographic inflection points (e.g. new PQC standards major breaks).

• Drive Long-Term Cryptographic Agility:

  • Architect and govern the strategy for a common cryptographic API in conjunction with RHEL Security enabling product teams to consume crypto services in a standardized crypto-agile way.

  • Steer collaboration across product teams (OpenShift Middleware Ansible etc.) to gather requirements and drive adoption of centralized modern cryptographic libraries.

• Lead Cryptographic Risk Management Strategy:

  • Architect and own the long-term strategy for cryptographic discovery runtime analysis and transition management within our products and for our customers.

  • Define the high-level requirements for our Cryptographic Bill of Materials (CBOM) and runtime auditing tools partnering with build and platform teams to create a sustainable solution for tracking crypto use and risk across the portfolio.

What You Will Bring:

• Technical Expertise: Deep and broad expertise in applied cryptography (PKI TLS digital signatures) and core libraries (OpenSSL NSS GnuTLS go). Expert-level understanding of modern cryptographic challenges and protocols including Post-Quantum Cryptography (PQC).

• Strategic Leadership: Proven experience architecting and driving complex cross-portfolio technical strategy in a large matrixed organization. You must be able to steer collaboration across products.

• Policy & Governance: Demonstrable experience in authoring evangelizing and governing technical security policy especially related to compliance standards like FIPS.

• Communication & Influence: Ability to translate complex cryptographic concepts into actionable plans for engineering product management and executive leadership.

• Bonus Skills: Deep knowledge of HSMs/PKCS#11 hardware-based key protection and standards body participation.

Pay Transparency

Red Hat determines compensation based on several factors including but not limited to job location experience applicable skills and training external market value and internal pay equity. Annual salary is one component of Red Hats compensation package. This position may also be eligible for bonus commission and/or equity. For positions with Remote-US locations the actual salary range for the position may differ based on location but will be commensurate with job duties and relevant work experience.

About Red Hat

Red Hat is the worlds leading provider of enterprise open source software solutions using a community-powered approach to deliver high-performing Linux cloud container and Kubernetes technologies. Spread across 40 countries our associates work flexibly across work environments from in-office to office-flex to fully remote depending on the requirements of their role. Red Hatters are encouraged to bring their best ideas no matter their title or tenure. Were a leader in open source because of our open and inclusive environment. We hire creative passionate people ready to contribute their ideas help solve complex problems and make an impact.

Benefits
Comprehensive medical dental and vision coverage
Flexible Spending Account - healthcare and dependent care
Health Savings Account - high deductible medical plan
Retirement 401(k) with employer match
Paid time off and holidays
Paid parental leave plans for all new parents
Leave benefits including disability paid family medical leave and paid military leave
Additional benefits including employee stock purchase plan family planning reimbursement tuition reimbursement transportation expense account employee assistance program and more!

Note: These benefits are only applicable to full time permanent associates at Red Hat located in the United States.

Inclusion at Red Hat
Red Hats culture is built on the open source principles of transparency collaboration and inclusion where the best ideas can come from anywhere and anyone. When this is realized it empowers people from different backgrounds perspectives and experiences to come together to share ideas challenge the status quo and drive innovation. Our aspiration is that everyone experiences this culture with equal opportunity and access and that all voices are not only heard but also celebrated. We hope you will join our celebration and we welcome and encourage applicants from all the beautiful dimensions that compose our global village.

Equal Opportunity Policy (EEO)
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race color religion sex sexual orientation gender identity national origin ancestry citizenship age veteran status genetic information physical or mental disability medical condition marital status or any other basis prohibited by law.

Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for and will not pay any fees commissions or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.

Red Hat supports individuals with disabilities and provides reasonable accommodations to job applicants. If you need assistance completing our online job application email . General inquiries such as those regarding the status of a job application will not receive a reply.