Principal Software Security Engineer - Security and ...

Be a Guardian for Businesses Worldwide Do you have a passion for safeguarding businesses from online threats? Are you driven to build innovative security solutions that empower small businesses to thrive in the digital world? If so, join Intuit's Security & Abuse Prevention team and make a real difference in the lives of entrepreneurs and businesses globally. As a Principal Software Security Engineer, you'll be a key player in designing and implementing cutting-edge security and fraud prevention measures for our platform. You'll collaborate with a talented team of engineers, security specialists, and data scientists to create solutions that stop bad actors in their tracks while providing a seamless and secure experience for our customers. Why Intuit's Security and Abuse Prevention team? Make a Difference: Protect small businesses worldwide and contribute to their success. Grow with Us: Enjoy a competitive salary, comprehensive benefits, and opportunities for professional development. Thrive in a Collaborative Culture: Work alongside a passionate and supportive team dedicated to innovation and excellence. Join us and help build a safer digital world for small businesses! What You'll Do Champion Security by Design: Lead the design and implementation of secure workflows for our small business applications and services, ensuring security is integrated throughout the development lifecycle. Proactive Risk Mitigation: Assess and identify potential security risks and vulnerabilities in our multi-cloud environment, guiding teams on effective mitigation strategies. Drive Innovation: Develop and implement security best practices and standards for generative AI-based applications and services, employing a shift-left approach to boost velocity. Influence and Collaborate: Partner with cross-functional teams, including product engineers, abuse and fraud specialists, and data scientists, to deliver impactful solutions. Incident Response and Analysis: Participate in security incident management, driving root cause analysis to prevent future security exploitations. Strategic Leadership: Communicate security risks and concerns to senior leadership and stakeholders, developing comprehensive plans to address them. Stay Ahead of the Curve: Continuously monitor the evolving threat landscape and industry frameworks (OWASP, etc.) to ensure our security posture remains robust. What You Bring to the Team Security Expertise: 10+ years of experience implementing, managing, or governing security technologies, including application security, network security, intrusion detection, and digital forensics. Generative AI Security: Experience in securing generative AI workflows from data leakage, prompt injection, membership inference, and model theft attacks. Threat Modeling Proficiency: 5+ years of experience with threat modeling for various applications and systems, including mobile, microservices, web applications, serverless, and data pipelines. Secure Coding Skills: Strong programming skills (Python, Java, PHP, C++, etc.) with a focus on secure coding practices. Data Security and Identity: In-depth understanding of data security technologies and identity protocols (authentication/authorization). Collaborative Approach: Proven ability to work effectively with cross-functional teams and stakeholders. Problem-Solving Acumen: Strong debugging, problem-solving, and investigative skills. Agile Mindset: Experience with Agile/Scrum methodology and a self-starter attitude. Bonus Points Bachelor's/Master's degree in a related field (MIS, Computer Science, etc.). Secure prompt engineering expertise for large language models (ChatGPT, Gemini, etc.). Automation skills to boost productivity. Excellent communication and presentation skills. #J-18808-Ljbffr

Created: 2025-01-14