Principal Security Engineer
Summary

MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More: https://www.mathworks.com/company/jobs/resources/applying-and-interviewing.html#onboarding.

We're looking for a hands-on, highly collaborative Principal Security Engineer to secure our software delivery pipeline. You'll take ownership of protecting our CI/CD processes, Artifactory, and Internal Developer Platform against supply chain risks and malware attacks. This is a technical, impact-driven role where your expertise in threat modeling, security architecture, and systems design will shape our approach to secure software delivery at scale.

MathWorks nurtures growth, appreciates inclusivity, encourages initiative, values teamwork, shares success, and rewards excellence.

Responsibilities

- Design, implement, and continuously improve security controls across our CI/CD pipeline, Artifactory, and developer platforms
- Collaborate with various teams and key stakeholders within the organization to embed security best practices in software delivery workflows
- Lead threat modeling and risk assessments for our build and release pipelines
- Build and deploy custom security solutions and integrations as needed
- Monitor, detect, and respond to threats targeting our development infrastructure
- Drive innovation in automation, security architecture, and systems design
- Foster a strong security culture through knowledge sharing and mentorship
- Stay ahead of the latest threats, attacker methodologies, and evolving security trends to continuously refine our efforts

Minimum Qualifications

A bachelor's degree and 10 years of professional work experience (or equivalent experience) are required.

Additional Qualifications

- Proficiency in programming languages such as Python, Rust, or Go
- Experience with security threat modeling, penetration testing, and security reviews
- Deep understanding of the software development lifecycle (SDLC), particularly in large, complex enterprise environments, and a passion for improving the developer experience
- Deep understanding of modern attack vectors targeting the software supply chain through malicious code, third-party libraries, and CI/CD systems
- Advanced knowledge of developer tools, internal build and dependency systems
- Experience with trusted software supply chain concepts, including security standards and best practices (e.g., SLSA), dependency/package management, vulnerability scanning, signing, provenance, and tools such as TeamCity, Jenkins, GitHub, GitLab, Artifactory, and Kubernetes
- Experience with Cloud Native Computing Foundation (CNCF) projects related to CI/CD, security, and developer workflow
- Ability to collaborate with large, distributed engineering teams to contextualize and prioritize supply chain threats