Jobs · Information Technology · Massachusetts

Principal Security Architect, Product & Application

Cambridge Mobile Telematics · Massachusetts, United States · 1 wk ago
HybridInformation TechnologyFull-time

About the role

Help us make the world's roads and drivers safer. We're hiring a Principal Security Architect I, Product & Application to own the security architecture of CMT's products. In this highly autonomous individual contributor role, you'll set the technical direction for product security and partner with engineering teams to design and deliver secure solutions.

Responsibilities

  • Own the end-to-end security architecture for CMT's products, including mobile SDKs, backend services, APIs, data pipelines, and partner integrations
  • Define security standards, reference architectures, and engineering guardrails, and drive adoption across the organization
  • Partner with product and engineering leaders to embed security throughout the SDLC
  • Lead threat modeling and define application security strategy, including testing, secure coding, secrets management, and software supply chain security
  • Own security architecture for protecting sensitive data and supporting privacy and regulatory requirements
  • Define security architecture and guardrails for AI-powered products and AI development tools
  • Own the Product Security roadmap, including technology strategy, prioritization, and risk-based decision making
  • Serve as the senior security authority for architecture reviews, technical guidance, and customer security engagements
  • Mentor engineers and champion secure design practices across the organization
  • Complete any additional tasks as they arise

Qualifications

  • Bachelor’s degree or equivalent years of experience and/or certification in a related field
  • 7+ years of experience in security with deep expertise in application and product security architecture
  • Proven ability to set technical direction and drive security initiatives through influence in a highly autonomous role
  • Strong software engineering foundation with experience reviewing code and system architecture across web services, APIs, and mobile platforms
  • Deep knowledge of secure SDLC, threat modeling, OWASP, authentication, cryptography, API security, and mobile security
  • Experience securing products that process sensitive personal data while supporting privacy and regulatory requirements
  • Working knowledge of AI/ML and LLM security, including the secure adoption of AI development tools

Nice to Haves

  • Experience with mobile SDK security, reverse engineering, and anti-tampering
  • Familiarity with data-intensive architectures and ML-driven products
  • Experience developing AI governance or secure AI adoption programs
  • Experience in telematics, IoT, connected vehicles, fintech, or other high-trust industries
  • Relevant certifications such as CSSLP, OSCP, or GWEB

Compensation and Benefits

Competitive salary based on skills and experience, and annual performance bonus. Medical, Dental, Vision and Life Insurance, matching 401k, short-term & long-term disability and parental leave. Unlimited Paid Time Off including vacation, sick days & public holidays. Flexible scheduling and work from home policy depending on role and responsibilities.

Additional Perks

  • Summer Fridays provide team members with half days to recharge
  • Join one of our employee resource groups: Black, AAPI, LGBTQIA+, Women, Book Club, and Health & Wellness
  • Comprehensive wellness, education, and employee assistance programs

Commitment to Diversity and Inclusion

We are an equal-opportunity employer committed to creating a workplace and culture where everyone feels valued, respected, and empowered to bring their unique talents and perspectives. Diversity is essential to our success, and we actively seek candidates from all backgrounds to join our growing team.

Similar jobs