Principal Security Engineer

About Appspace:

At Appspace, we’re passionate about creating better work experiences for people everywhere, and we’re looking for people that feel the same way. Our global office locations and flexible work culture help you work wherever and however you’re at your best. Plus, we take the time to help you enjoy your work, build lasting connections, and grow your role. Join the Appspace team and be a part of a culture that’s helping people everywhere love where they work.

Your Role as a Principal Security Engineer: 

We’re looking for a Principal Security Engineer with a passion for securing cloud environments and a proven history of leading complex security transformations. This is a hands-on, deeply technical role, not an advisory position, ideal for someone who thrives at the intersection of engineering and client engagement.

You'll use your expertise in cloud security, software security, and penetration testing to guide clients through high-impact security initiatives. A key focus of the role is conducting forensic investigations across cloud platforms (AWS, Azure, GCP), including containerized environments like Kubernetes.

In this role, you'll lead the design and implementation of modern security solutions, working directly with clients to assess needs and embed best practices across their teams. You’ll get your hands dirty configuring, maintaining, and remediating infrastructure—particularly within Google Cloud or Microsoft Azure—including networks, firewalls, and web application firewalls.

If you’re looking to lead, build, and solve real-world security problems in the cloud, this role was built for you.

A Day in the Life of a Principal Security Engineer: 

• Lead and execute security transformation initiatives for enterprise clients, focusing on cloud security, application security, and vulnerability management.
• Solid knowledge of operating systems, file systems, memory structures, and log analysis.
• Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) to streamline investigations.
• Proficiency in forensic tools (e.g., EnCase, FTK) and evidence handling.
• Serve as a primary client-facing security expert, building strong relationships and effectively communicating complex technical concepts to both technical and non-technical stakeholders.
• Architect, design, and implement robust security solutions for cloud-native and traditional applications, with a strong emphasis on AWS, Azure, or GCP.
• Conduct in-depth security assessments, penetration tests, and code reviews to identify vulnerabilities and recommend remediation strategies.
• Develop and implement secure software development lifecycles (SSDLC), integrating security best practices throughout the entire development process.
• Provide expert guidance on OWASP Top 10 vulnerabilities, secure coding practices, and threat modeling.
• Drive the adoption of automated security testing tools and processes.
• The candidate will be available on occasional nights and weekends to support the Security Operations team and will be on-call in the event of any security incident.
• Mentor and provide technical leadership to other security engineers and client teams.
• Stay abreast of the latest security trends, threats, and technologies, continuously enhancing our service offerings.

What You’ll Need: 

• Bachelor’s degree in Computer Science, Cyber Security, Risk Management, or a related field (Master’s preferred).
• 10+ years of experience in information security, including securing cloud environments (Azure/GCP), application security, and security operations.
• Deep expertise in network and infrastructure security within major cloud platforms, including IAM, network configuration, and cloud-native security tools.
• Hands-on experience with vulnerability management, penetration testing, and common attack vectors; familiarity with SAST, DAST, and SCA tools.
• Strong understanding of the OWASP Top 10, secure coding principles, cryptography, and threat modeling.
  Proven track record leading client-facing security projects and transformation initiatives.
• Experience configuring and supporting SIEMs, managing security alerts, and writing custom scripts in PowerShell, Python, or Bash.
• Exceptional communication and interpersonal skills; able to influence and collaborate across technical and non-technical teams.
• Relevant certifications required: CISSP (required), CISM/CCSP/OSCP desirable; Azure or GCP certifications strongly preferred.
• Demonstrated ability to thrive in a dynamic, fast-paced, and client-focused environment.

Nice-to-Haves:

• Certifications such as CCSP, OSCP, CISM, or cloud-specific credentials (e.g., Google Cloud Security Engineer, Azure Security Engineer, AWS Security Specialty).
• Experience with Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or ARM templates to automate security controls.
• Familiarity with container security and orchestration (Docker, Kubernetes).
• Knowledge of DevSecOps principles and integrating security into CI/CD pipelines.

The Perks of Working for Appspace:

For all our US based team members, we offer a variety of benefits from competitive salaries, medical, dental and vision coverage, disability coverage, employer paid life insurance, mental health resources, 401(k) plan and a fully paid parental leave program.

Additional perks include:

• Generous PTO
• Flexible work schedules
• Remote work opportunities
• Paid company holidays
• Appspace Quiet Fridays (No non-essential internal meetings scheduled)
• A casual dress work environment 

Disclaimer:

Appspace is committed to equitable compensation practices and complies with all applicable local, state, and federal regulations. For jurisdictions that require pay scale disclosure, a general compensation range may be provided during the initial stages of the interview process. Final compensation will be based on multiple factors including experience, skills, certifications, and overall fit for the role.

If you are located in a jurisdiction with specific pay transparency requirements, we will be happy to discuss the relevant range during your application process.