1

Principal Product Security Engineer Jobs (NOW HIRING)

OR · On-site

As a Principal Product Security Researcher at Chainguard, you'll lead our product security research ... Partner with executive and senior engineering leadership to drive org-level security strategy ...

Principal Application Security Engineer

OR · Remote

$58.75 - $78.50/hr

We are looking for a hands-on Principal Product Security Engineer to lead our Secure Development Lifecycle assurance processes, our security automation technologies, drive the security hardening ...

As a Principal Product Security Researcher at Chainguard, you'll lead our product security research ... Partner with executive and senior engineering leadership to drive org-level security strategy ...

As Marqeta's Principal Security Engineer you will serve as the technical lead across our security engineering function. This role combines three critical responsibilities: leading product security ...

Product Security Engineer

Dallas, TX · On-site

$100K - $110K/yr

We are seeking an experienced Product Security Engineer to safeguard the confidentiality and integrity of intellectual property related to Cartamundi' s collectible trading card products. This role ...

Product Security Engineer

San Jose, CA · On-site

$74.16 - $92.70/hr

Product Security Engineer Full-time Remote You'll be joining Adobe on a contract opportunity, employed through NextDeavor Benefits You'll Love NextDeavor offers health, vision and dental benefits for ...

Role Overview ID.me is looking for a Product Security Engineer to join our Product Security organization as an execution-focused individual contributor. If you love deep technical work, building ...

Product Security Engineer Department: Information Technology Employment Type: Full Time Location: US-North Carolina-Raleigh Description This position is ideal for mid-level engineering professionals ...

Product Security Engineer Company: Tapestry - G0G Tapestry Solutions, A Boeing Company, brings over 30 years of industry experience designing, implementing, training, and supporting high-quality ...

Senior Product Security Engineer

Framingham, MA · On-site

$117K - $161K/yr

Principal Duties and Responsibilities As a Senior Product Security Engineer, you will work as an integral part of the Product Security team to embed security practices into every aspect of the secure ...

next page

Showing results 1-20

Principal Product Security Engineer information

See salary details

$74K

$147.2K

$212.5K

How much do principal product security engineer jobs pay per year?

As of Jul 14, 2026, the average yearly pay for principal product security engineer in the United States is $147,220.00, according to ZipRecruiter salary data. Most workers in this role earn between $118,500.00 and $173,000.00 per year, depending on experience, location, and employer.

How does a Principal Product Security Engineer typically collaborate with cross-functional teams during the product development lifecycle?

As a Principal Product Security Engineer, collaboration with cross-functional teams is integral to ensuring security is embedded throughout the product development lifecycle. You’ll work closely with product managers, software engineers, DevOps, and QA teams to identify potential security risks, review architectural decisions, and define security requirements early in the design phase. Regularly, you may lead security reviews, provide guidance on secure coding practices, and coordinate incident response plans. This role often involves educating teams on emerging threats and supporting them in implementing effective security controls, fostering a culture of shared responsibility for product security.

What are the key skills and qualifications needed to thrive as a Principal Product Security Engineer, and why are they important?

To thrive as a Principal Product Security Engineer, you need deep expertise in cybersecurity, secure software development, risk assessment, and a relevant degree or certifications such as CISSP or OSCP. Familiarity with security tools like static/dynamic code analyzers, penetration testing frameworks, and cloud security platforms is typically required. Outstanding analytical thinking, leadership, and communication skills help drive security initiatives and mentor cross-functional teams. These skills are crucial to proactively identify and mitigate security risks, ensuring robust protection of products and user data.

What is a Principal Product Security Engineer?

A Principal Product Security Engineer is a senior-level professional responsible for overseeing and guiding the security aspects of product development. They work closely with engineering, product, and security teams to ensure that security best practices are integrated throughout the product lifecycle. Their duties include conducting risk assessments, developing secure architecture, reviewing code, and mentoring other team members on security standards. This role often involves setting security strategy and policies, as well as staying current on the latest security threats and technologies.

What is the difference between Principal Product Security Engineer vs Security Engineer?

AspectPrincipal Product Security EngineerSecurity Engineer
CredentialsTypically requires certifications like CISSP, CISA, or GIAC; advanced degrees often preferredOften holds certifications such as Security+, CEH, or CISSP; may have less experience required
Work EnvironmentLeads security initiatives, designs security architecture, and influences product security strategyImplements security measures, monitors systems, and responds to security incidents
Employer & Industry UsageCommon in tech companies, especially in product-focused roles within cybersecurity teamsWidely used across industries for maintaining security posture and compliance

The Principal Product Security Engineer focuses on strategic security design and leadership in product security, while the Security Engineer handles day-to-day security operations and incident response. Both roles are vital but differ in scope and seniority within security teams.

More about Principal Product Security Engineer jobs
What job categories do people searching Principal Product Security Engineer jobs look for? The top searched job categories for Principal Product Security Engineer jobs are:
Principal Product Security Engineer

Principal Product Security Engineer

AspenTech

Bedford, MA

Full-time

Medical, Dental, Vision, Retirement, PTO

Re-posted 22 days ago


AspenTech rating

8.4

Company rating: 8.4 out of 10

Based on 7 frontline employees who took The Breakroom Quiz

74th of 209 rated software companies


Job description

The driving force behind our success has always been the people of AspenTech. What drives us, is our aspiration, our desire and ambition to keep pushing the envelope, overcoming any hurdle, challenging the status quo to continually find a better way. You will experience these qualities of passion, pride and aspiration in many ways - from a rich set of career development programs to support of community service projects to social events that foster fun and relationship building across our global community.

The RoleUnder the direction of the VP of Product Security this role is a key member for day-to-day operations of Product Security at Aspen Technology. This role will help protect our clients, enable teams to deliver secure development, and position us for future security needs.
This thought leader will help drive mitigation of risk thru activities such as developing Threat Models, driving Risk Assessments, reviewing alignment of standard controls to mitigate risks in products, oversee vulnerability tracking, ensure security documentation and compliance with security lifecycle activities for product security releases. This could include supporting compliance documents, secure patch release, security incidents, security communications, the security champion program, and product security verification/validation activities. This role will work closely with development teams, senior leaders, and teams across the organization. This role will work with teams across the organization to mitigate risks, protect our customers, protect our assets, and enable secure activities. The Principal Security Engineer will support the development and execution of product security strategic efforts to meet business and technology objectives.
This role will also support continuously improving product security policies, procedures, tools, guidelines, and security awareness. This role will also maintain a vigilant awareness of industry threats, standards, regulations, and best practices to enhance our security profile.Your Impact
  • Responsible for supporting the design, implementation, and oversight of Product Secure Development Lifecycle. Including aspects such as security requirements, secure architecture/design, risk assessment, threat models, security scanning, triage and vulnerability management, and product security validation/verification.
  • Administers product security practices to product teams, technology, and security champions across the organization.
  • Drive Product Security efforts to resolve challenges, enable automation, and impact organization security culture.
  • Monitors information security best practices, standards, regulations, industry threats and risks for improvements to product security practices.
  • Maintains a deep understanding of current issues in the realm of information security. Subscribes to major industry newsgroups and mailing lists and assesses the impact of all emerging issues on systems and practices at Aspen Technology.
  • Monitors security bulletins and alerts from all Aspen Technology's information system vendors. Evaluates vulnerability impact and formulates and executes risk mitigation plans for product security.
  • Member of the AspenTech Security Emergency Response Team (ASERT) providing expert analysis of security customer reported security incidents. Works with information resource owners during and after security incidents; work with product teams for analysis; recommends best practices and solutions. Where appropriate, work with product teams, technology teams, client support and customer contacts.
  • Occasionally after hours and weekend work to perform tasks that cannot be done during business hours.
What You'll Need
  • Bachelor's degree (B.A./B.S.) or equivalent in computer science or technical equivalent discipline from an accredited college or university required.
  • 8+ years of experience in IT required.
  • 5+ years of experience in an information security role or experience with security and development teams.
  • Knowledge of information security regulatory requirements for privacy, secure by design, and defense in depth.
  • Maintains broad understanding of information security including ISO27002, NIST and other information security frameworks and regulations.
  • Experience with Application/Product Security, Risk Assessment, Threat Models, Secure Architecture/Design, Security Scanning. (SAST, DAST, SCA, cloud security configuration scanning)
  • Experience with cloud solutions such as Azure and AWS - Experience with security policy, procedures, tools, services, and cloud security models.
  • Demonstrated ability to plan, design, develop, deploy, and maintain application security best practices.
  • Ability to assume high levels of responsibility and to work with a minimum of day-to-day supervision.
  • Ability to cooperatively and effectively work with people from all organizational levels and build consensus through negotiation and diplomacy.
  • Preferable exposure to the following: IEC 62443-4-1, IEC 62443-4-2, NIST 800-53, ISO 27001, ISO 27002, Cloud Security Alliance (CSA), Cybersecurity and Infrastructure Security Agency (CISA), SANS, OWASP, CWE 25, ethical hacking, and AI Security best practices.
  • Desired domain knowledge and/or certification: CISSP, CISA, CCSP, CSSLP, CEH, SANS GIAC, security certification from AWS or Azure.
  • Desired knowledge of the following Technologies: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA).
  • Experience with Application Security Best Practices such as web security, cloud security, pen testing, fuzz testing, security coding guidelines, security architecture/design principles, CVSS, STRIDE, DREAD.
  • Experience with Application development technologies, processes, and best practices. For example: Agile, RUP, CICD, DevSecOps.

#LI-WJ1

The salary range for this role is $120,900.00 - $151,100.00. This range represents what we in good faith believe is the range possible for base compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range based on several factors. This range may be modified in the future. This role is also eligible for bonus or variable incentive pay. Additionally, we offer a comprehensive benefits package including paid time off, charitable giveback day, medical/dental/vision insurance, and retirement benefits to eligible employees.

What AspenTech employees say

Pay

Hours and flexibility

Workplace

Get the full story on Breakroom