[Remote] Principal Security Engineer
Note: The job is a remote job and is open to candidates in USA. Avalara is an AI-first company focused on revolutionizing tax compliance through innovative technology. They are seeking a Principal Security Engineer to lead the design and implementation of platform-wide security capabilities, partnering with various teams to enhance security across their SaaS platform.ResponsibilitiesLead the design and implementation of secure-by-default platform capabilities, including authentication, secrets management, encryption, identity controls, and security automation servicesEstablish and drive adoption of zero-trust architecture principles, least-privilege access models, and platform security standards across infrastructure and engineering environmentsServe as the technical lead for Platform Security initiatives, providing direction, prioritization, and technical leadership across multiple teams and stakeholdersAct as a subject matter expert on threat modeling, software supply chain security, cloud security, infrastructure security, and secure software development practicesDrive complex, cross-functional security programs with clearly defined milestones, measurable outcomes, and organizational impactDevelop and execute strategic remediation programs that improve security posture and reduce risk across the enterprisePartner with engineering leaders to integrate security capabilities into development platforms, CI/CD systems, and cloud-native architecturesEvaluate and implement AI-enabled approaches that improve security operations, vulnerability management, and platform protection capabilitiesMentor engineers and help elevate platform security expertise across the broader engineering organizationSkillsBachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or a related technical discipline12+ years of relevant professional experience, including at least 5 years focused on cloud, infrastructure, or platform securityStrong programming experience in Java, Go, Python, or similar languages used for security automation and platform engineeringDeep expertise in cloud platform security across AWS, Azure, Google Cloud, or OCI environmentsExpertise in container security, Kubernetes security, service mesh technologies, Infrastructure as Code, and cloud security posture managementStrong understanding of identity and access management, network security, vulnerability management, runtime security, and software supply chain securityProven experience designing and integrating security tooling into CI/CD pipelines, software delivery workflows, and cloud-native platformsExperience leading large-scale security initiatives involving multiple engineering teams and stakeholder groupsStrong communication and technical leadership skills with the ability to influence engineering organizationsExperience securing large-scale SaaS or cloud-native platformsExperience leading platform security or security engineering programsExperience with AI-enabled security tooling and emerging AI security technologiesSecurity certifications such as CISSP, CCSP, GCSA, or equivalentExperience establishing security standards, architecture patterns, and engineering governance practicesBenefitsPaid time offPaid parental leaveBonusesPrivate medical insuranceLife insuranceDisability insuranceInclusive culture and diversity8 employee-run resource groups, each with senior leadership and exec sponsorshipCompany OverviewAvalara is a cloud-based platform that provides tax compliance software and automated solutions. It was founded in 2004, and is headquartered in Seattle, Washington, USA, with a workforce of 5001-10000 employees. Its website is http://www.avalara.com.Company H1B SponsorshipAvalara has a track record of offering H1B sponsorships, with 4 in 2026, 26 in 2025, 33 in 2024, 35 in 2023, 37 in 2022, 39 in 2021, 26 in 2020. Please note that this does not guarantee sponsorship for this specific role.