Product Security Architect

The Role

We're hiring a Product Security Architect to join a team that operates AI-first. We don't mean we're planning to adopt AI or "exploring" it; we mean Claude and LLM-driven workflows are how we do threat modeling, secure design reviews, vulnerability analysis, and developer enablement today. This role is for someone who can walk in and operate at that level from day one, then help us push further.

You'll work across BeyondTrust's product suite, including endpoint agents, thick clients, SaaS platforms, APIs, identity systems, and cloud-native services, partnering directly with engineering, architecture, and product management to find and eliminate architectural risk before it ships.

What You’ll Do

• Threat Modeling & Attack Surface Reduction Lead threat modeling, attack surface analysis, and secure design reviews across products, platform services, endpoint agents, and cloud-native systems. The goal isn't producing threat model documents but recommending architectural decisions that eliminate unnecessary exposure and working with engineering to change them.
• AI-Native Security Engineering Use LLM platforms (Claude, OpenAI) as core tools to scale threat analysis, abuse-case generation, architecture review, and remediation guidance. Build and refine prompts, plugins, skills, and agent workflows that make the team faster and more consistent. You'll be extending an existing AI-first practice, not building one from scratch.
• Engineering Partnership Work directly with engineering teams to embed secure-by-default patterns into product development. This means being present in design reviews, proposing concrete alternatives when you identify risk, and building self-service security capabilities (playbooks, reusable patterns, automated workflows) that let engineers make secure decisions without waiting on us.
• Standards & Knowledge Own and expand the Product Security handbook that inferences product context from multiple sources and leverage it for enforcing secure design standards, architecture guidance, and engineering best practices. The handbook is a living system that feeds our AI workflows, not a static wiki nobody reads.
• Mentorship Mentor Product Security Engineers and Security Champions on secure design, attack surface reduction, and AI-first security workflows. Help engineers across the org develop a security-focused mindset, not just follow checklists.
• Strategy Help evolve BeyondTrust's AI-first Product Security Architecture strategy by identifying where AI workflows can replace manual processes, where they need human oversight, and where the next capability gaps are.

What You’ll Bring

• 7+ years in Product Security, Application Security, Security Architecture, or Software Security Engineering
• Deep, practical experience with threat modeling, attack surface analysis, secure design reviews, and architecture risk analysis at scale, not just in theory
• Strong understanding of cloud-native systems, APIs, endpoint agents, thick clients, and identity/security platforms
• Hands-on experience using LLM platforms (Claude, OpenAI, or similar) in engineering or security workflows. We'll ask you how you've used them and what you've learned about where they work and where they don't
• Ability to influence engineering and product teams. You should not hav