Lead Security Architect
Access Systems
Full Time
Senior (5 to 8 years)
The Principal Security Engineer should possess hands-on engineering experience, including writing production code and securing modern systems, along with a full-spectrum mindset encompassing attacker and architect perspectives. Experience with cloud-native stacks (Azure, GCP), endpoint management, identity systems (SSO, MDM), and secure SaaS use is required, and experience securing internal and external AI/ML usage is highly desirable. Strong understanding of real-world threat models and risk reduction is also necessary.
As the Principal Security Engineer, you will partner with engineering teams to design secure-by-default systems and infrastructure, lead secure SDLC practices and runtime hardening efforts, shape developer-friendly security standards, and create educational materials. You will also own security for corporate infrastructure, including identity, email, Slack, SaaS apps, endpoints, and cloud accounts, stand up effective monitoring for external threats, implement modern DLP strategies, define and drive secure usage of GenAI tools, lead incident response, and engage with customers on security topics.
Cybersecurity software vulnerability analysis services
Endor Labs specializes in cybersecurity by focusing on reachability-based dependency analysis to identify vulnerabilities in software that hackers could exploit. Their team, composed of PhDs, analyzes software to provide a comprehensive risk score that evaluates security, quality, popularity, and activity. This analysis helps reduce alert noise by 80%, allowing clients to concentrate on the most critical issues. They offer a flexible policy engine for clients to create tailored risk profiles, minimizing disruptions in the software development process. Additionally, Endor Labs assists businesses in managing Software Bill of Materials (SBOM) and Vulnerability Exploitability Exchange (VEX) to understand the risks and costs associated with software ownership. Their goal is to enhance the security and quality of software for businesses of all sizes while generating revenue through their analysis and monitoring services.