Position: Principal Security Architect, Product & Application We're hiring a Principal Security Architect I, Product & Application to own the security architecture of CMT's products. CMT has helped protect over 65 million drivers and prevent over 126,000 crashes worldwide. The problems are hard. The impact is real. No matter your role, your work will matter at CMT.ResponsibilitiesOwn the end‑to‑end security architecture for CMT's products, including mobile SDKs, backend services, APIs, data pipelines, and partner integrationsDefine security standards, reference architectures, and engineering guardrails, and drive adoption across the organizationPartner with product and engineering leaders to embed security throughout the SDLCLead threat modeling and define application security strategy, including testing, secure coding, secrets management, and software supply chain securityOwn security architecture for protecting sensitive data and supporting privacy and regulatory requirementsDefine security architecture and guardrails for AI‑powered products and AI development toolsOwn the Product Security roadmap, including technology strategy, prioritization, and risk‑based decision makingServe as the senior security authority for architecture reviews, technical guidance, and customer security engagementsMentor engineers and champion secure design practices across the organizationComplete any additional tasks as they ariseQualificationsBachelor's degree or equivalent years of experience and/or certification in a related field7+ years of experience in security with deep expertise in application and product security architectureProven ability to set technical direction and drive security initiatives through influence in a highly autonomous roleStrong software engineering foundation with experience reviewing code and system architecture across web services, APIs, and mobile platformsDeep knowledge of secure SDLC, threat modeling, OWASP, authentication, cryptography, API security, and mobile securityExperience securing products that process sensitive personal data while supporting privacy and regulatory requirementsWorking knowledge of AI/ML and LLM security, including the secure adoption of AI development toolsExcellent written and verbal communication skillsNice to HavesExperience with mobile SDK security, reverse engineering, and anti‑tamperingFamiliarity with data‑intensive architectures and ML‑driven productsExperience developing AI governance or secure AI adoption programsExperience in telematics, IoT, connected vehicles, fintech, or other high‑trust industriesRelevant certifications such as CSSLP, OSCP, or GWEBCompensation and BenefitsFair and competitive salary based on skills and experience, and annual performance bonusEquity may be awarded in the form of Restricted Stock Units (RSUs)Medical, Dental, Vision and Life Insurance, matching 401k, short‑term & long‑term disability and parental leaveUnlimited Paid Time Off including vacation, sick days & public holidaysFlexible scheduling and work from home policy depending on role and responsibilitiesAdditional PerksWork on a mission with real impact: crashes prevented, injuries avoided, lives protected around the worldJoin an industry leader — 65 million drivers protected, powering 140+ programs across 25 countriesRecognized innovator in mobility AI, earning top honors including the TIME Industry Leader in AI, a Gold Edison Award, and the Artificial…
Create an account to see the full posting, access our search engine, and more.You're just 60 seconds away from your new Creativeloft account.