1

Principal Security Engineer Jobs (NOW HIRING)

Experience: 8+ years of progressive security engineering experience, including at least 4 years in a senior or principal application security or product security role. * Application Security ...

As a Security Engineer, you will design and implement advanced security solutions, mentor and collaborate with other team members, and drive security initiatives across the organization while ...

As a Security Engineer, you will design and implement advanced security solutions, mentor and collaborate with other team members, and drive security initiatives across the organization while ...

next page

Showing results 1-20

Principal Security Engineer information

See salary details

$74K

$147.2K

$212.5K

How much do principal security engineer jobs pay per year?

As of Jul 13, 2026, the average yearly pay for principal security engineer in the United States is $147,220.00, according to ZipRecruiter salary data. Most workers in this role earn between $118,500.00 and $173,000.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Principal Security Engineers in aligning security initiatives with business objectives?

Principal Security Engineers often encounter the challenge of balancing robust security measures with the need for business agility and growth. They must effectively communicate technical risks to non-technical stakeholders and advocate for security investments without hindering innovation or productivity. This role requires a proactive approach to integrating security early in the development lifecycle, collaborating closely with product, engineering, and executive teams to ensure that security strategies support overall business goals while mitigating threats.

What are Principal Security Engineers?

Principal Security Engineers are senior-level professionals responsible for overseeing the security architecture and strategy of an organization’s information systems. They lead the design, implementation, and maintenance of security protocols, ensuring compliance with industry standards and protecting against cyber threats. These engineers often mentor junior staff, conduct risk assessments, and collaborate with other departments to align security measures with business goals. Their expertise is critical for safeguarding sensitive data and ensuring the overall cybersecurity posture of the organization.

What is the difference between Principal Security Engineer vs Security Architect?

AspectPrincipal Security EngineerSecurity Architect
Required CredentialsCertifications like CISSP, CISM, CEH; Bachelor's or Master's in Cybersecurity or related fieldsSimilar certifications; often holds CISSP, SABSA, or TOGAF; background in security design
Work EnvironmentHands-on security implementation, incident response, vulnerability assessmentsDesigning security frameworks, creating security architecture, strategic planning
Employer & Industry UsageUsed across tech, finance, healthcare; focuses on security operationsCommon in large enterprises, consulting firms; focuses on security design
Search & Comparison IntentUnderstanding roles, responsibilities, career pathsDesigning security solutions, architecture planning

While both roles require strong cybersecurity credentials and involve security strategies, the Principal Security Engineer is more hands-on with security operations and incident response. In contrast, the Security Architect focuses on designing security frameworks and architecture to protect organizational assets.

Can you make $500,000 a year in cyber security?

Principal Security Engineers with extensive experience, advanced certifications, and expertise in areas like cloud security or threat management can potentially earn $500,000 or more annually, especially in high-cost-of-living regions or senior leadership roles. Achieving this level often requires a combination of technical skill, strategic responsibility, and industry reputation.

What engineers make $300,000 a year?

Principal Security Engineers and other senior cybersecurity professionals often earn $300,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISM, and expertise in areas such as cloud security, threat management, or security architecture. Compensation varies by industry, location, and company size, with senior roles in high-demand sectors typically reaching or exceeding this level.

What does a principal security engineer do?

A principal security engineer designs, implements, and manages security systems to protect an organization’s information assets. They lead security initiatives, conduct risk assessments, and develop policies, often utilizing tools like intrusion detection systems and security frameworks. This role typically requires advanced knowledge of cybersecurity principles and relevant certifications such as CISSP or CISM.

What are the key skills and qualifications needed to thrive as a Principal Security Engineer, and why are they important?

To excel as a Principal Security Engineer, you need deep expertise in cybersecurity principles, risk management, and network/system architecture, often backed by a degree in computer science or a related field and extensive industry experience. Familiarity with tools such as SIEM platforms, vulnerability scanners, incident response systems, and certifications like CISSP or OSCP is typically required. Exceptional problem-solving, leadership, and communication skills set individuals apart in this role. These skills ensure robust security strategies, effective team guidance, and the ability to address complex threats in dynamic enterprise environments.

What engineer makes $500,000 a year?

A Principal Security Engineer can earn $500,000 or more annually, especially with extensive experience, advanced certifications, and leadership responsibilities in cybersecurity. High compensation often reflects expertise in areas like threat management, security architecture, and the use of specialized tools, typically in large organizations or high-demand sectors.
More about Principal Security Engineer jobs
What cities are hiring for Principal Security Engineer jobs? Cities with the most Principal Security Engineer job openings:
What states have the most Principal Security Engineer jobs? States with the most job openings for Principal Security Engineer jobs include:
Infographic showing various Principal Security Engineer job openings in the United States as of July 2026, with employment types broken down into 95% Full Time, 2% Part Time, and 3% Contract. Highlights an 87% Physical, 4% Hybrid, and 9% Remote job distribution, with an average salary of $147,220 per year, or $70.8 per hour.

Principal Security Engineer, Product & AI

MQ Referrals Only

Remote

Full-time

Medical, Retirement

Re-posted 29 days ago


Job description

As Marqeta's Principal Security Engineer you will serve as the technical lead across our security engineering function. This role combines three critical responsibilities: leading product security engineering across our payment platform, building our AI security program as we scale generative AI and ML capabilities, and providing security architecture oversight across enterprise and infrastructure security.
Your primary focus will be product security and AI-threat modeling payment features, securing APIs, building genAI controls, and ensuring AI-powered capabilities ship securely. You'll also own the security architecture function and provide technical oversight for infrastructure security-endpoint protection, network security, VPN, and enterprise security controls-ensuring coherent security standards across everything we build and operate.
You'll partner closely with Product Security, Infrastructure Security, and Security Operations teams and serve as the security voice in our Model Risk Office. This is an individual contributor role with mentoring responsibilities and broad technical influence across the security, engineering, and business technology organizations.
We work Flexible First. This role can be performed remotely anywhere within the United States or from our Oakland office. We'd love for you to join us!
You'll have the chance to:
  1. Lead product security engineering for our payment platform-owning threat modeling, security architecture review, secure SDLC practices, and API security across the engineering organization
  2. Help mature our AI security programdeveloping genAI controls, securing ML pipelines, and working alongside the Model Risk Office for model evaluations.
  3. Provide security architecture oversight across infrastructure and enterprise security-endpoint, network, VPN, and corporate security controls-ensuring technical standards are coherent across all security domains
  4. Shape how security engineering scales across the organization through tooling, frameworks, security champions engagement, and engineering partnerships

The Impact You'll Have:
Product Security:
  • Conduct security architecture reviews and threat modeling for new product features, APIs, and service integrations across the payment platform
  • Define and maintain secure development lifecycle practices including secure code review standards, API security patterns, and authentication/authorization frameworks
  • Develop self-service security tooling and developer-facing guardrails that reduce friction while maintaining security posture

AI Security:
  • Lead security strategy and risk assessment for AI/ML systems including customer-facing AI products, fraud detection models, LLM integrations, and recommendation systems
  • Build genAI security controls-prompt injection prevention, output filtering, model validation, and monitoring frameworks
  • Perform security assessments of AI/ML model architectures, training pipelines, inference endpoints, and deployment infrastructure
  • Evaluate and operationalize AI-powered security tools (e.g., AI-assisted code review, anomaly detection, automated threat intelligence) to improve security operations

Enterprise & Infrastructure Security Oversight:
  • Provide technical oversight for infrastructure security including endpoint protection, network security, VPN, and enterprise security controls
  • Ensure coherent security architecture standards across product, cloud infrastructure, and corporate environments
  • Drive technical decisions for security tooling and controls that span the full environment-from developer laptops to production infrastructure

Across All Domains:
  • Partner across Product Security, Infrastructure Security, and Security Operations teams as well as engineering, data science, and compliance
  • Mentor security engineers and cross-functional teams, raising the organization's overall security engineering maturity
  • Communicate security risks and strategy to executive and board-level audiences

Who You Are:
  • 10+ years of security engineering experience with demonstrated technical leadership across multiple security domains; or equivalent combination of education and experience
  • Deep product security expertise: threat modeling, security architecture review, secure code review, API security, authentication/authorization design, and secure SDLC practices
  • Experience with or strong interest in AI/ML security-understanding of risks including adversarial attacks, model poisoning, prompt injection, data privacy, and AI supply chain threats. We want someone who is genuinely excited about AI technology and wants to secure it, not just govern it
  • Broad security fluency across infrastructure and enterprise security-endpoint protection, network security, identity, and cloud security-even if your deepest expertise is in application and product security
  • Experience working in cloud-native environments (AWS preferred) with familiarity across AI/ML services (Bedrock, SageMaker, etc.)
  • Proven ability to build security frameworks, tools, and programs from the ground up
  • Strong programming skills in at least one language (Python, Java, Go, or similar) with the ability to read and review code across multiple languages
  • Experience with security assessment methodologies and risk management frameworks
  • Working knowledge of compliance and control frameworks relevant to financial services (PCI DSS, SOX, SOC2, NIST CSF)
  • Ability to communicate complex security risks to both technical and executive audiences

Nice to Have:
  • Financial services or fintech experience strongly preferred
  • Experience securing payment processing systems, card issuing platforms, fraud detection models, or transaction monitoring infrastructure
  • Hands-on experience with LLM security: prompt injection mitigation, output filtering, RAG security, agent security patterns
  • Experience with enterprise security platforms (EDR, SIEM, identity providers, network security tools)
  • Experience with ML frameworks (PyTorch, TensorFlow) or background in data science / machine learning engineering
  • Knowledge of AI governance, model risk management practices, and emerging AI regulatory frameworks (EU AI Act, NIST AI RMF)
  • Background in supply chain security, CI/CD pipeline security, or secure software composition analysis
  • Experience with privacy-preserving ML techniques (differential privacy, federated learning, secure multi-party computation)
  • Experience with Kubernetes, containerized workloads, and Infrastructure as Code (Terraform)
  • CISSP, CCSP, CISA, or other relevant security certifications
  • Experience building and scaling security programs in high-growth environments

Typical Process:
  • Application Submission
  • Recruiter phone call
  • Hiring manager video call
  • Virtual "Onsite" consisting of 5-6, 45-60 min video calls
  • Offer!

At this point, we hope you're feeling excited about the role. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out-and set you apart-especially if your career has taken some extraordinary twists and turns. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so again, don't hesitate to apply - we'd love to hear from you.
Compensation and Benefits:
Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. Compensation is aligned according to three tiers within the United States:
  • National: A baseline tier that applies to most of the geographic territory of the United States.
  • Premium: Slightly elevated from the National tier, and oriented toward a narrower set of higher cost-of-living areas, such as Los Angeles CA and Seattle WA
  • Premium Plus: A tier for the most expensive working areas, like the San Francisco Bay area and New York City.

Visit this page or consult with a Recruiter to determine which tier would be applicable to you.
When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location. The new-hire base salary range for this position is:
  • National: $218,300 - $272,900
  • Premium: $236,200 - $295,300
  • Premium Plus: $256,800 - $321,000

We also believe in recognizing the contributions of our people. That's why we award annual bonuses to eligible employees, rewarding both individual performance and the success of the entire company.
Along with monetary compensation, Marqeta offers
  • Multiple health insurance options
  • Flexible time off - take what you need
  • Retirement savings program with company contribution and after tax contributions
  • Equity in a publicly-traded company and an Employee Stock Purchase Program
  • Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
  • Free therapy sessions, financial and professional coaching, and legal advice
  • Monthly stipend to support our remote work model
  • Annual "development dollars" to support our people growth and development
  • Through Flex First, the freedom to live and work wherever you and your family thrive