What You'll Do Avalara aspires to be the global cloud compliance platform. As a Product Security Architect at Avalara, you will design and implement security frameworks and architectures that protect our SaaS product ecosystem. You will work with product development teams and DevOps teams to ensure security is built into our software from the ground up. You will focus on safeguarding the entire product lifecycle, from design through deployment, ensuring that our customers' data and our platform are secure from modern threats. You will report to Chief Architect. This is an individual contributor role. What Your Responsibilities Will Be Architect secure product environments that address security concerns across our SaaS offerings, ensuring the security of all product layers, including application, data, and infrastructure. Develop security standards, guidelines, and best practices for product development teams, ensuring security is integrated into the software development lifecycle (SDLC). Conduct threat modeling and risk assessments for new features to identify and address potential security vulnerabilities. Collaborate with product managers, developers, and DevOps teams to define security requirements and ensure they are incorporated throughout the design process. Perform secure code reviews and work with development teams to establish secure coding practices, including automation of security testing in CI/CD pipelines. Oversee data security and privacy mechanisms, such as encryption, data masking, and anonymization, to ensure compliance with regulatory requirements like GDPR, HIPAA, and others. Lead vulnerability management efforts for products, including monitoring, identifying, and remediating security flaws across services. Establish security monitoring and incident response processes for our SaaS platform, working with DevOps teams to monitor security events and respond to product security incidents. Stay up-to-date with the latest security threats and technologies that impact SaaS platforms, ensuring proactive measures are in place to address new risks. Lead security-related training and awareness projects within the product and engineering teams, helping build a security-first mindset across the organization. What You'll Need to be Successful 4 year Bachelor's degree in Cybersecurity, Computer Science, Software Engineering, or related field. Master's degree or security certifications (e.g., CSSLP, CISSP, CCSP) 15+ years of experience in software engineering. Experience secure software development and building security into product architectures from design to deployment. Hands-on experience with cloud environments (AWS, Azure, GCP) and securing cloud-native applications Certified Secure Software Lifecycle Professional (CSSLP) Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Automation (GCSA) #LI-Remote This is a remote role. How We'll Take Care of You Total Rewards In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses. Health & Wellness Benefits vary by location but generally include private medical, life, and disability insurance. Inclusive culture and diversity Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship. Learn more about our benefits by region here: Avalara North America What You Need To Know About Avalara We’re Avalara. We’re defining the relationship between tax and tech. We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year. Last year, we became a billion-dollar business, and our tribe expanded by a cool thousand people - there’s nearly 5,000 of us now. Our growth is real, and we’re not slowing down - not until we’ve achieved our mission - to be part of every transaction in the world. We’re bright, innovative and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them. We’ve been different from day one. Join us, and your career will be too. We’re An Equal Opportunity Employer Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.