Principal/Senior Staff Security Engineer - (Product Security)

  • Department: Information Security
  • Location: United States - Remote
  • Location Type: Remote
Are you passionate about architecture and design security? Do you have prior experience designing security platforms across a breadth of software environments, from the hybrid world of enterprise applications, SaaS solutions, and cloud services offered to both the corporate users and customers? Are you an expert in aligning architecture to enterprise security standards and industry best practices while ensuring that the architecture finds the balance between security, compliance and operational ease? We have the job for you. You will lead the security architecture as part of the Information Security team at Guidewire and work in a highly collaborative environment building next generation cloud platform and services. 

What you would do:

  • Reporting within the Information Security Services department, you will be responsible for the secure architecture of the cloud platform, products and customer facing services.
  • Develop technology roadmap, architecture and implement security and compliance for the Guidewire enterprise.
  • Collaborate with cross-functional teams to architect various security controls and translate them for engineering implementation.
  • Collaborate with Open Source communities, Product Development, Professional Services, Cloud Operations, and Business Technology and provide technical leadership to develop and maintain compliance.
  • Evangelize security best practices across Guidewire.
  • Create security metrics and work with the teams to achieve the same.
  • Provide insight and recommendations on remediation strategies for security issues.
  • Own security architecture and provide technical guidance to multiple teams.
  • Ensure confidentiality, integrity, and availability within the design of architected solution.
  • Ensure High Availability (HA) and Disaster Recovery (DR) are designed as part of relevant system/services.
  • Build and lead a high performance team.
  • Mentor others in security best practices.

What you would need to succeed:

  • 12+ years within Information Security Services designing, building, and maintaining secure, compliant, and cost-effective solutions.
  • SME Application Penetration Testing using both SAST and DAST methods
  • Prior deep software security experience (SME) and passion for building secure platforms and customer facing solutions.
  • In-depth knowledge and experience in software or product software security engineering
  • Emphasize team wins over individual success.
  • Strong technical communication skills.
  • Subject Matter Expert on Application Product Security and Design
  • Proven track record of architecting secure, compliant, cost-effective, and highly available solutions.
  • Proven track record of designing solutions with security in depth.
  • BS or MS degree (Computer Science or Math)
  • Preferred, industry-based certifications such as CISSP, CISM, CISA, etc…
  • Preferred technical certifications from cloud providers or security tool providers.

Required skills:

  • Design and develop software application security architectures for hybrid and multi-cloud based systems that comply with industry best practices
  • In-depth knowledge on containers, data security, network security, control plane security and governance. 
  • Deep experience with security in cloud environments around GDPR/CCPA, federated security models and secrets management 
  • Understand security practices around the SSDLC process and tool sets such as CI/CD, SAST, DAST, pen tests, etc.
  • Understanding of relevant frameworks such as NIST, CIS, etc.
  • Understanding of regulatory requirements and controls such as GDPR, SOX, SOC II, etc.
  • Expertise in crypto standards, methods, and management
  • Expertise in authentication protocols and authorization standards (e.g., SSL/TLS, SAML, OAuth, JWT, OPA)
  • Expertise in Identity and Access Management practices, controls and tool sets.
  • Experience in Security Operations practices, controls, and tools sets.  
  • Understand Microservice security architecture (AuthN, AuthZ architecture and user/service interaction model) 
  • Prior experience of building and securing large scale distributed systems on AWS, GCP, Azure, or On prem.
  • Expertise in AWS infrastructure and concepts such as VPC, subnets, security groups, S3, RDS, EC2, Glacier, Lambda, IAM, security, encryption, DevOps, replication and disaster recovery 
  • Eager to learn new things and passionate about technology
  • Prior experience handling multiple clusters and effectively managing multiple tenants in these clusters, providing good governance and isolation; able to explain the cloud security model to prospective clients

Salary Information

Salary Range: $184000 - $225000 per year

The US base salary range for this full-time position is $184,000 - $225,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

About Guidewire


Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 540+ insurers in 40 countries, from new ventures to the largest and most complex in the world, run on Guidewire.

As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1600+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.

For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.

Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.

Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or Accommodations@guidewire.com. If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail Accommodations@guidewire.com to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.
Talent rewards

The perks. The rewards. The good stuff.

We’re proud to shout about our awesome benefits packages. Holistic wellness is a big deal for us. We offer everything you need to support your work and, most importantly, your work-life balance. We’re committed to helping you be the best version of yourself. Inside and outside of work.

FINANCIAL

Receive market-competitive pay and incentive programs—because you deserve it! To help future-proof your income, we offer generous support through retirement savings plans.

HEALTH AND WELLNESS

Keep your physical and emotional health in tip-top shape with health insurance for you and your family, an employee assistance program, annual wellness reimbursement, and access to wellness resources.

FLEXIBLE WORKING

Work in an environment where you’ll have the freedom and trust to make an impact, with time for your life outside of work.

DOWNTIME

Relax and kick back through our generous paid time-off programs. Make a difference in your community with three volunteer days each year. Take your own personal day of rest with My Day. We also offer ample paid leave for all new parents.

CONTINUAL DEVELOPMENT

We encourage self-directed learning, giving you every chance to become a better version of yourself, both professionally and personally. At Guidewire, lifelong learning is here for the taking.

CAREER MOBILITY

Your career opportunities are only limited by your own imagination. Guidewire’s community is filled with chances to expand your horizons across any of our teams or worldwide locations.