Principal Security Architect (SaaS Cloud)

Job summary

US
Engineering

Work model

Hybrid
4 days ago
Job description

Role Overview

We are looking for a Principal Security Architect to serve as the principal security architecture authority responsible for defining, governing, and evolving security architecture standards across Nasuni's SaaS platform and engineering organization.

The Principal Security Architect will influence security outcomes across multiple engineering organizations and serve as a key partner to executive leadership in shaping the future security posture of Nasuni's cloud-native platform. This is a senior individual contributor role reporting directly to the CISO, with broad influence across product, engineering, and infrastructure teams.

You will set architectural standards, lead complex security design efforts, define our DevSecOps and cloud-native security posture, and serve as a trusted partner to engineering and product leadership. This role serves as the final architecture authority for security design standards, security architecture reviews, and security exception recommendations, ensuring consistency across product and platform engineering initiatives.

Key Responsibilities

Cloud & Platform Security

  • Design and enforce security reference architectures for Nasuni's multi-cloud SaaS platform across AWS, Azure, and GCP, covering areas like workload identity, network segmentation, tenant isolation, encryption standards, and blast radius containment.
  • Embed security controls directly into Infrastructure as Code, CI/CD pipelines, and cloud control planes using a security-as-code approach, making guardrails preventative by default, not detective after the fact.
  • Own the evolution of API security patterns, service-to-service authentication, secrets management, and authorization boundaries across our SaaS architecture.
  • Define and own the lifecycle of security reference architectures, reusable security patterns, and architecture standards adopted across engineering teams.

Security Governance & SDLC

  • Lead the security architecture review process, providing architectural guidance, governance decisions, and risk-based exception recommendations for critical engineering initiatives.
  • Partner with product and engineering teams as the authoritative security SME throughout the software development lifecycle, from design and threat modeling through code review, testing, and deployment.
  • Lead threat modeling and security design reviews for complex product features, API integrations, and infrastructure changes.
  • Drive consistency of SAST/DAST tooling, dependency scanning, and secure SDLC practices across engineering teams.
  • Define and govern application security standards including input validation, authentication, authorization, and data protection patterns.
  • Lead or oversee penetration testing programs and responsible vulnerability disclosure processes.

AI Security & Strategy

  • Design and review secure architectures for AI-enabled product capabilities, including LLM workflows, RAG pipelines, agentic systems, and Model Context Protocol integrations, with rigorous controls for tenant isolation, prompt safety, data ingestion, authorization boundaries, and output auditability.
  • Partner with Engineering, Product, Legal, and GRC teams to define governance controls for AI-enabled product capabilities and third-party AI technologies incorporated into Nasuni's SaaS platform.
  • Evaluate emerging AI-driven security capabilities and guide responsible adoption to strengthen detection, response, and secure development workflows.
  • Define and evolve Nasuni's long-term security architecture strategy, translating business, product, and technology objectives into scalable security capabilities and architectural roadmaps.

Leadership & Influence

  • Provide final architectural guidance on security trade-offs involving platform scalability, customer experience, operational complexity, and risk tolerance.
  • Lead risk-based architecture trade-off discussions across security, privacy, usability, and delivery velocity, documenting decisions clearly so teams can move with confidence.
  • Institutionalize automated architecture assurance through policy-as-code, static analysis, and runtime controls that continuously validate Zero Trust principles and internal standards.
  • Serve as a trusted technical advisor to engineering leadership, translating complex security risk into actionable architectural guidance.
  • Establish security architecture practices that scale across engineering organizations.
  • Mentor senior engineers and security practitioners in secure design and architectural thinking.
  • Create reusable standards, design patterns, threat models, and engineering guidance that improve security outcomes across multiple teams.
  • Raise architectural maturity through education, governance, and technical leadership.

Benefits

  • Generous paid time off
  • Comprehensive medical, dental, and vision plans
  • Retirement/pension plans
  • Professional growth opportunities and performance bonuses
  • Work/life balance with flexible schedules and locations
  • Generous employee referral bonus
  • Incentive stock options
  • Free on-site fitness center
  • Work from home
  • Flexible commuting options including bike, water shuttle, and public transportation
  • Stand-up desks
  • Complimentary on-site snacks and beverages
  • Pre-tax commuter benefits in many states
  • Pet insurance