Principal Security Engineer (DRI), TaxDome
Staff/Principal level or equivalent · salary not specified · location not specified · Telegram · published May 11, 2026
Job description
Format: This is a fully remote role; we are hiring across European time zones.
Candidates must be based outside Russia and Belarus.
About this role
We’re looking for a Principal Security Engineer (DRI) to join our Engineering organization and own application security across TaxDome’s platform during our AI-first engineering transformation. In this role, you’ll define and build the security model for AI-generated software delivery, embed security into product development and release gates, and directly impact product safety, platform resilience, and customer trust.
What you’ll be responsible for
Own and drive the Application Security workstream as the security DRI across all Domains and Pods.
Build automated security controls across the delivery loop, including secret scanning, SAST, SCA, IaC, container, dependency, and DAST gates.
Embed security into product discovery, threat modeling, acceptance criteria, and architecture decisions.
Define controls for AI-generated code, including dependency risk, tenant isolation, prompt injection, agent misuse, and risky migrations.
Own the security reviewer AI agent and improve its detection quality, escalation logic, and coverage.
Partner on incident response, supply chain security, secrets management, and compliance-related technical controls.
Raise security maturity through practical guidance, reusable rules, and developer education.
What you bring
Must-have
7+ years in Application/Product Security, including senior IC ownership at Staff/Principal level or equivalent.
Experience securing multi-tenant SaaS products handling sensitive or regulated data.
Strong hands-on background in DevSecOps and CI/CD security automation.
Practical experience with AI/LLM security risks and controls.
Ability to review code and work closely with engineering across modern backend/platform stacks.
Strong written communication in English and Russian, with clear ownership and the ability to influence others.
Nice-to-have
Experience leading security through major engineering transformations such as AI-first, cloud, microservices, or platform-scale change.
Background in fintech, tax, payments, or other heavily regulated environments.
Experience building or operating security-focused AI agents in production.
Strong AWS/GCP, Kubernetes, and cloud/runtime security expertise.
To apply: