Principal Security Architect - Platform and Application Security

Our Company

Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. 

We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

 

The Opportunity

We are a team of passionate storytellers, technology innovators, and change agents. Building off Adobe Express initial success, we are now re-imagining (from the ground up!) the way people discover, create, and publish the full range of media types - from graphics to imaging to video - right in the browser and on their mobile devices. Our aim is to build fast and easy product experiences that empower students, social influencers, marketers, small businesses - really anyone with something to say - to make something that will stand out and impress their audience.

The Challenge

The Principal Security Architect will lead efforts to ensure robust security practices and compliance for Adobe Express and its platform. Additionally, they will act as the main point of contact between Adobe Express teams and the broader Security organization. This role is critical for embedding robust security practices directly within the development and operational processes in our platform and applications. The role will prioritize both Adobe Express' product engineering goals and the overall security goals of Adobe, to align and improve the product development lifecycle.

What You'll Do

Strategic Security Leadership

• Influence product strategies and roadmaps to include vital security measures, ensuring Adobe Express leads in security within Creative Cloud.

• Lead the security dialogue within the organization by participating in Product Security Alignment Meetings alongside representatives from the Security Business Operations and Enablement team and representatives from Adobe Express.

Security Integration and Advocacy

• Integrate and supervise security requirements from the into all stages of development, from initial design through production.

• Advocate for the adoption of security best practices, tools, and processes, ensuring that security is a core component of development.

Management and Oversight of Security Practices

• Serve as the primary liaison for solutions involving multiple Security Champions, coordinating efforts across various components and teams.

• Be responsible for the effectiveness of security practices and initiatives, ensuring they are accurately implemented and yield the expected security posture improvements.

Compliance and Risk Management

• Collaborate closely with Adobe Security team to manage compliance requirements and ensure these are well communicated and understood by the engineering teams.

• Handle risk assessments, provide business justifications for risk adjustments and exceptions, and ensure all Adobe Express products meet strict compliance standards.

Team Leadership and Development

• Lead and mentor Security Champions within Adobe Express, fostering a culture of security awareness and continuous improvement.

• Provide strategic direction for the team, helping them to prioritize security tasks and integrate them into their respective roadmaps and sprints.

What You Need To Succeed

• Master’s degree in computer science, engineering, cybersecurity or a related field, or a bachelor's degree with 10+ years of experience in a similar security role.

• Outstanding organization skills, strong planning skills, communication skills, and high attention to detail. The position requires speaking publicly to senior leadership and customers.

• Proven track record building technical rapport and enduring relationships within diverse teams.

• Solid understanding of public cloud infrastructure and architecture (AWS, Azure, GCP) and associated security concepts and challenges.

• Solid understanding of foundational security principles, techniques, and standard methodologies such as authentication, authorization, logging, baselines, data handling, and SPLC.

• Solid knowledge of application & operations security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.

• Ambitious and driven, with excellent interpersonal and communication skills.

• Ability to multitask and switch between multiple high urgency projects.

• Experience with emerging threats, mitigations, and industry trends.

• Familiarity with compliance frameworks such as FedRAMP, ISO 27001, SOC2, HIPAA, FERPA, and PCI.

• Experience leading projects and programs, especially within the Cybersecurity domain.

• Experience working in an engineering and software development organization and within the Secure Development Lifecycle.

• Experience working with Lean Enterprise/Agile/DevOps/SecDevOps development frameworks.

• Strong experience working with SaaS/cloud delivered solutions.

• Knowledge and experience working with common security tools: Kali Linux, Nessus, Qualys, BurpSuite, etc.

• Solid knowledge and understanding of containerized applications: Docker, OpenShift, Kubernetes, etc.

• Industry Certifications such as CISSP, CASP+, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE, or equivalent job experience.

Our compensation reflects the cost of labor across several  U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $191,700 -- $345,700 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.

At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans.  Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP).

In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award.

Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and “fair chance” ordinances.

Adobe is proud to be an Equal Employment Opportunity and affirmative action employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more.
 

Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call (408) 536-3015.

Adobe values a free and open marketplace for all employees and has policies in place to ensure that we do not enter into illegal agreements with other companies to not recruit or hire each other’s employees.