Palo Alto Networks is a leading cybersecurity company dedicated to protecting the digital way of life. The role of Principal Engineer Software, Security involves defining and building core security engineering efforts to create a foundational security infrastructure used across the organization, ensuring security serves as a shared guardrail for all projects.
Responsibilities:
- Design, implement, and work with other engineering teams to operate security tools and programs across the organization, including access control & workflows, vulnerability management, and detection/response systems
- Collaborate with other engineers and with the business to identify the highest priority needs of the organization, and maintain a roadmap to address those needs
- Actively participate in design reviews, threat modeling, and incident analysis
- Help teams make high-quality security decisions, especially in ambiguous situations
- Set the bar for security, ownership, and quality across engineering
Requirements:
- 10+ years in security or infra-focused engineering roles with meaningful security ownership
- The ability to independently own projects from inception to delivery
- A systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and drive
- Empathy for the problems faced by developers, and a passion for building tools and systems that address those problems
- Built vulnerability management systems that actually drive risk down
- Led security incident response efforts and postmortem improvements
- Strong interest in how things work. Curiosity and persistence is key to building the understanding needed to apply
- A flexible, collaborative working style. We're a small team working in a rapidly evolving space, and we're looking for people who will help build a positive, supportive environment
- Experience building foundational security programs at growth-stage companies
- Familiarity with compliance frameworks, but a healthy skepticism of security theater
- An outstanding ability to communicate risk with both technical and non-technical audiences
- Significant experience building infrastructure software in Go, C++, Rust, or Python