Ready to be a Titan?
We are looking for a visionary Principal Security Architect to serve as the master designer of our digital defense spanning disciplines of Product Security, Corporate Security, and Risk Management. You will balance cutting-edge innovation with uncompromising protection, ensuring our infrastructure is resilient by design rather than by reaction. You will lead security architecture efforts for flagship customer-facing initiatives and partner closely with technical and business leaders to make a lasting impact. By integrating with delivery teams as a Subject Matter Expert, you will provide detailed consultation to ensure software solutions are secure, scalable, and adhere to industry-leading security standards.
What You’ll Do:
Architect and Enforce Secure Cloud Native Guardrails
Security as Code and Platform Guardrails: Design and implement enforceable security controls directly into Infrastructure as Code, CI CD pipelines, and cloud control planes. Define reusable, opinionated reference patterns that bake in least privilege IAM, secure defaults, encryption standards, workload identity, network segmentation, and tenant isolation across AWS, Azure, or GCP. Ensure guardrails are preventative by default rather than detective after deployment.
Secure SaaS Architecture and Isolation: Own and evolve security reference architectures for multi tenant customer facing platforms, including API security, strong service to service authentication, authorization boundaries, secrets management, and blast radius containment. Embed data level protections and isolation controls that scale with product growth.
Automated Architecture Assurance: Institutionalize automated architecture reviews through policy as code, static analysis, and runtime controls that continuously validate alignment with Zero Trust principles, regulatory requirements, and internal security standards. Replace manual review bottlenecks with scalable, measurable security enforcement.
Design and Modernize Corporate Security Controls
Workforce Identity and Just in Time Access: Design and implement modern workforce identity architecture grounded in Zero Trust principles. Develop and mature just in time and just enough access strategies across SaaS applications, cloud administration, and internal systems. Reduce standing privilege through automated provisioning, strong authentication, device trust, and continuous access evaluation.
Endpoint and Device Security Strategy: Evaluate, test, and recommend endpoint detection, response, and hardening controls across macOS, Windows, and mobile platforms. Define secure configuration baselines, telemetry standards, and device posture requirements that meaningfully reduce lateral movement and credential theft risk. Continuously assess control efficacy through validation testing and measurable risk reduction.
Security Orchestration and Automation: Identify and implement automation opportunities across identity, endpoint, and security operations workflows. Architect integrations between IAM, EDR, MDM, SIEM, and ticketing platforms to eliminate manual processes, accelerate containment, and improve signal to noise. Drive security as code and event driven enforcement across corporate systems.
Control Assurance and Continuous Improvement: Establish mechanisms to test and validate corporate security controls through simulation, access reviews, configuration audits, and adversary emulation. Translate findings into architectural improvements that harden the enterprise environment while maintaining workforce productivity.
Strategic Advisory and Governance
Executive Consultancy: Act as the primary security consultant for executive leadership, translating complex cyber threats, regulatory requirements, and risk posture into actionable architectural guidance.
Risk-Based Trade-offs: Lead risk-based trade-off discussions regarding security, privacy, usability, and delivery, documenting key decisions and rationale to help teams move quickly and consistently. Actively engage in governance processes to ensure compliance with regulations such as PCI DSS, CCPA, SOC2, ISO 27001, ISO 27701, and ISO 42001.
Secure and Advance AI Across the Enterprise
Product AI Security: Design and review secure architectures for AI enabled product capabilities, including LLM workflows, RAG pipelines, agentic systems, and Model Context Protocol integrations. Define rigorous guardrails for tenant isolation, data ingestion, tool permissions, sensitive data handling, prompt safety, authorization boundaries, output controls, and auditability.
Corporate AI Governance: Partner with IT, Legal, Data, and Engineering leaders to implement controls for internal AI usage and third party AI services. Establish lifecycle governance for model selection, validation, monitoring, and retirement aligned with emerging standards and regulation. Prevent sensitive data leakage, manage vendor risk, and enforce privacy, compliance, and intellectual property protections.
AI Driven Security and Emerging Technology: Leverage AI to enhance detection, response, and secure development workflows while mitigating risks such as prompt injection, model abuse, adversarial manipulation, and model poisoning. Evaluate and guide adoption of emerging technologies to ensure long term resilience against sophisticated threat actors.
What You’ll Bring:
Experience: 12+ years of experience in senior technical roles with 5+ years focused on Security Architecture. Demonstrated leadership at the enterprise or divisional level, and a strong background in software engineering, product security, and/or enterprise architecture.
Architectural Mastery: Deep experience with security frameworks (NIST, ISO 27001, SOC2) and comprehensive knowledge of cloud-native security across Azure and/or AWS.
Systems Thinking: The ability to see the "big picture," understanding how changes in identity management or network design impact the global data footprint. Expertise in modern authentication protocols like OAuth 2.0, OpenID Connect, and SAML 2.0.
Technical Depth: Hands-on proficiency in secure network design, IAM, encryption standards, container security (e.g., Kubernetes), and CI/CD plus IaC guardrails.
AI-Native Behavior: You actively use AI today and can clearly articulate where it helps, where it introduces risk, and the necessary guardrails you apply. You understand the implications of Non-Human Identity and management strategies to reduce risk.,
Why this role?
Measurable Impact: You will have a track record of driving security-focused initiatives that unify technical security, enterprise architecture, application architecture, and business outcomes. You will empower business units to achieve their strategic goals with confidence while minimizing risk.
Cross-Functional Ownership: You will have the autonomy to partner with engineering, product, and compliance teams, leveraging your strong collaboration skills to challenge ideas respectfully, mentor others, and influence without direct authority.
Inclusive Culture: We value diverse perspectives and ensure every voice is heard. We are committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission.
Be Human With Us:
Being human isn’t about checking every box on a list. It’s about the experiences we have, people we meet, and the perspectives we share. So, if you have the skills but are hesitant to apply because of your background, apply anyway. We need amazing people like you to help us challenge the conventional and think differently about the problems that we’re solving. We’re in this together. Come be human, with us.
Use of AI Technology:
We use technology, including automated and AI-assisted tools, to support certain aspects of our recruitment process. These tools are designed to improve efficiency and enhance the candidate experience. AI tools are not used to make hiring decisions; all hiring decisions are made by our hiring teams.
What We Offer: When you join our team, you’re not just accepting a job. You’re making a career move. Here’s how we’ll support you in doing some of the most impactful work of your career:
- Flextime, recognition, and support for autonomous work: Flexible time off with ample learning and development opportunities to continue growing your career. We offer a comprehensive onboarding program, leadership training for Titans at all levels, and other programs and events. Great work is rewarded through Bonusly, peer-nominated awards, and more.
- Holistic health and wellness benefits: Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents), FSA and HSA, 401k match, and telehealth options including memberships to One Medical.
- Support for Titans at all stages of life: Parental leave and support, up to $20k in fertility services (i.e. IUI and IVF), surrogacy, and adoption reimbursement, on demand maternity support through Maven Maternity, free breast milk shipping through Maven Milk, pet insurance, legal advisory services, financial planning tools, and more.
At ServiceTitan, we celebrate individuality and uniqueness. We believe that the convergence of fresh perspectives and experiences from all walks of life is what makes our product and culture so great. We strongly encourage people from underrepresented groups to apply. We do not discriminate against employees based on race, color, religion, sex, national origin, gender identity or expression, age, disability, pregnancy (including childbirth, breastfeeding, or related medical condition), genetic information, protected military or veteran status, sexual orientation, or any other characteristic protected by applicable federal, state or local laws.
ServiceTitan is committed to fair and equitable compensation for all of our employees. We thoughtfully consider a wide range of factors when determining individual compensation.The expected salary range for this role for candidates residing in the United States is between $204,000 USD - $272,900 USD. Compensation for candidates residing outside the United States will vary by location and the specific salary range will be discussed during the hiring process. Actual compensation for an individual may vary depending on skills, performance over time, qualifications, experience, and location. In addition to the base salary, the total compensation package also includes an annual bonus, equity and a holistic suite of benefits.