Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Product Security Architect

Remote: 
Full Remote
Contract: 
Full time
Experience: 
Expert & Leadership (>10 years)
Work from: 
India

Offer summary

Qualifications:

Bachelor’s degree in Cybersecurity, Computer Science or related field, 15+ years of experience in software engineering with a focus on product security for SaaS platforms, Master’s degree or security certifications preferred.

Key responsabilities:

  • Architect secure product environments addressing security across SaaS offerings
  • Develop security standards and integrate into the software development lifecycle
  • Conduct threat modeling and risk assessments to identify security vulnerabilities
  • Collaborate with teams to define security requirements throughout design and development
  • Oversee data security, encryption compliance, and lead vulnerability management efforts
Avalara logo
Avalara
1001 - 5000 Employees
About Avalara
Avalara makes tax compliance faster, easier, more accurate, reliable, and valuable for 41,000+ business and government customers in over 75 countries. Tax compliance automation software solutions from Avalara leverage 1,200+ signed partner integrations across leading ecommerce, ERP, and other billing systems to power tax calculations, document management, tax return filing, and tax content access. Visit avalara.com to improve your compliance journey.
See more Avalara offers

Job description

What You'll Do

Avalara aspires to be the global cloud compliance platform.

As a Product Security Architect at Avalara, you will be responsible for designing and implementing security frameworks and architectures that protect our SaaS product ecosystem. You will work closely with product development teams and DevOps teams to ensure security is built into our software from the ground up. This role focuses on safeguarding the entire product lifecycle, from design through deployment, ensuring that our customers’ data and our platform are secure from modern threats.

Key Responsibilities

Architect secure product environments that address security concerns across our SaaS offerings, ensuring the security of all product layers, including application, data, and infrastructure.

Develop security standards, guidelines, and best practices for product development teams, ensuring security is integrated into the software development lifecycle (SDLC).

Conduct threat modeling and risk assessments for new features and services to proactively identify and address potential security vulnerabilities.

Collaborate with product managers, developers, and DevOps teams to define security requirements and ensure they are incorporated throughout the design and development process.

Perform secure code reviews and work with development teams to establish secure coding practices, including automation of security testing in CI/CD pipelines.

Oversee data security and privacy mechanisms, such as encryption, data masking, and anonymization, to ensure compliance with regulatory requirements like GDPR, HIPAA, and others.

Lead vulnerability management efforts for products, including monitoring, identifying, and remediating security flaws across applications and services.

Establish security monitoring and incident response processes for our SaaS platform, working with DevOps teams to monitor security events and respond to product security incidents.

Stay up-to-date with the latest security threats and technologies that impact SaaS platforms, ensuring proactive measures are in place to address new risks.

Lead security-related training and awareness initiatives within the product and engineering teams, helping build a security-first mindset across the organization.

What You'll Need to be Successful

  • Education: 4 year Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or related field. Master’s degree or security certifications (e.g., CSSLP, CISSP, CCSP) are highly desirable.
  • Experience:


15+ years of experience in software engineering, with a focus on product security for SaaS platforms.

Proven experience in secure software development and building security into product architectures from design to deployment.

Hands-on experience with cloud environments (AWS, Azure, GCP) and securing cloud-native applications (e.g., microservices, containerized workloads, serverless).

  • Technical Skills:


Strong understanding of secure coding practices, code review processes, and software vulnerability management.

Expertise in security protocols and technologies such as OAuth, OpenID, JWT, encryption (TLS, AES), and API security.

Experience with security tools for static code analysis (SAST), dynamic application security testing (DAST), and penetration testing tools.

Knowledge of container security (e.g., Kubernetes, Docker) and cloud security best practices (IAM, network security, logging, monitoring).

Familiarity with DevSecOps principles and the integration of security automation into CI/CD pipelines (e.g., Jenkins, GitLab, etc.).

  • Soft Skills:


Strong collaboration and communication skills, with the ability to work cross-functionally with development, product management, and DevOps teams.

Analytical mindset with the ability to assess risks and propose practical, scalable security solutions.

Excellent problem-solving skills and attention to detail.

Preferred Certifications

Certified Secure Software Lifecycle Professional (CSSLP)

Certified Information Systems Security Professional (CISSP)

Certified Cloud Security Professional (CCSP)

GIAC Cloud Security Automation (GCSA)

About Avalara

We’re Avalara. We’re defining the relationship between tax and tech.

We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year.

Last year, we became a billion-dollar business, and our tribe expanded by a cool thousand people - there’s nearly 5,000 of us now. Our growth is real, and we’re not slowing down - not until we’ve achieved our mission - to be part of every transaction in the world.

We’re bright, innovative and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them.

We’ve been different from day one. Join us, and your career will be too.

EEO Statement

We’re an Equal Opportunity Employer. Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.

Required profile

Experience

Level of experience: Expert & Leadership (>10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

Cloud SecurityRisk AnalysisVulnerability ManagementSecure Application DevelopmentProduct SecurityIncident ResponseSecure Coding Best PracticesMicrosoft Security Development LifecycleData Security

Other Skills

  • Problem Solving
  • Collaboration
  • Communication
  • Analytical Thinking
  • Detail Oriented
Are you interested?

Related jobs

See more jobs
Sign in or sign up with Google or LinkedIn