Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform
Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management)
Build and maintain security reference architectures and standardized secure design patterns for product teams
Lead threat modeling, security design and code reviews for new features, services, and major architectural changes
Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks
Support vulnerability triage, remediation strategy, and root cause analysis for product security issues
Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence
Develop, implement, and enforce security policies, standards, and procedures
Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes

Requirements

8+ years in progressive senior security engineering or architect level roles, with 3+ years leading security design for enterprise-grade cloud and SaaS platforms
Bachelor's degree in Information Security, Computer Science, Technology or related field
Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)
Proven ability to design security reference architectures and implement customer platform security controls and technologies (IAM, API security, encryption/key management, logging/monitoring)
Hands-on experience with modern security technologies and tooling across cloud and application security

Benefits

Competitive salary with a meaningful stake in the company via equity, and 401k plan
We’ll invest in your physical and mental well-being with comprehensive medical, dental, & vision benefits
Commuter benefits: pre-tax deductions for public transportation, rideshare services, and parking expenses
Company wide orientation for successful onboarding and learning & development opportunities including regular review cycles featuring 360 degree feedback
Quarterly budgets for team and company outings, for team swag, cooking classes, or team dinners!
Flexible paid time off, sick days, and 11 company holidays
Baby bonding time: 12 weeks off for both birthing and non-birthing parents - fully paid

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security architecturesecurity designthreat modelingvulnerability triageencryptionkey managementidentity integrationaccess controlsaudit and loggingAPI security

Soft Skills

collaborationleadershipcommunicationproblem-solvingconsultative reviews

Certifications

CISSPCISMCCSKCCSP